ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 79.137.192.57:48771.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-10 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	895009
IOC:	79.137.192.57:48771
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS210352 YijiaXu
Country:	RU
First seen:	2022-10-19 12:06:18 UTC
Last seen:	2023-08-01 18:04:53 UTC
UUID:	7073fe3b-4fa6-11ed-bb69-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-10-20 11:57:17	deb48fd11339cf5965d6091a968a79122641d02a507cb2847b1fde45e952a24a
2022-10-20 10:38:16	6e3171073afbbfa511a45ac774ec558d5340b0b05c33e64456577fb190472783
2022-10-20 09:50:39	801e89cdb0b18ad755d024b057c77d1e2d7317624ca1096e3b30650fefb251db
2022-10-20 08:55:10	36ff589a4d9079a4e103c8f6fbc0b5db93d521d0283f4d85eb8464e0a9cc0cc2
2022-10-19 20:16:00	55c9b6e6ff795a72f8b09311687b9de481228ce3e88cd4d2a5f7a84fb56bd746
2022-10-19 19:50:34	d1020d62fc78a0788873d31b905fbfd037f58a1f9b538999c7212fe34c7019f2
2022-10-19 19:37:01	bfb370ec7c9814fef28e29192840d156e47df10483a5f8f6fa12d2d9b31aee82
2022-10-19 18:40:38	f6e0ba510c7aa4cea2f2cbd444993d6158fd0a948f2b8ef94042b96529089586
2022-10-19 18:06:15	592f53dc44d7bf555168c5b08524b77f07c12bab1b58281a450b5e6554e8c21b
2022-10-19 16:30:48	41f9d84c94f1ba09dd526259a12774f17f1a0e7b5cd832f05c6f1f4469f2a047
2022-10-19 16:10:42	1eef0a9568ff634f7bf90e0714300c90364c0507bdfc4a856136b2c29fc91ae4
2022-10-19 15:30:51	8e9365039f62b406258597f488261760e1c561d4290c5f4b1577ef8356bcfd11
2022-10-19 14:26:13	1c07ebd7879852ae7d29e3327feda21fb884b3d797c94183465d332c0c0ab6f1
2022-10-19 13:50:48	4ed4d3ec33d86a7399e001b0e40ad309bc8e8e1724f640e3946907cc0de7e010
2022-10-19 12:56:21	7a326252bacc0fd06ca168c8f89389f6bd89058385e6b07d7cd9676612bd93cd
2022-10-19 12:37:53	603fb4b24c5a546eaa65bb45d192313908c3c32d89eb3dcb09e461de20e54144
2022-10-19 12:21:02	9cd9e630d1113f57e6f0dcc6164bac77282e172b8f69a289008a7a5065e8331c