ThreatFox IOC Database

You are viewing the ThreatFox database entry for ip:port 135.181.18.42:23524.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2025-12-08 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	913804
IOC:	135.181.18.42:23524
IOC Type :	ip:port
Threat Type :	botnet_cc
Malware:	RedLine Stealer
Malware alias:	RECORDSTEALER
Confidence Level :	Confidence level is high (100%)
ASN:	AS24940 HETZNER-AS
Country:	DE
First seen:	2022-10-21 11:25:50 UTC
Last seen:	2023-08-01 17:56:42 UTC
UUID:	1df12c6c-5133-11ed-90cf-42010aa4000a
Reporter	abuse_ch
Reward	5 credits from ThreatFox
Tags:	RedLineStealer

Malware Samples

The table below documents recent malware samples observed that are associated with this indicator of compromise (IOC).

Time stamp (UTC)	SHA256 hash	Bazaar
2022-10-22 08:30:17	da1f8ebd4854f20fcaacdb348b13d58d2351a2e4890bf7f69c8c14c152c0a76e
2022-10-22 08:10:14	b6c777dd482e7e0c082000c21a54bed959607574d85b53a6dcbdcd771426bdc9
2022-10-22 05:00:32	2dde2cc8ac37a2f9750674975e4117414aaee2e1fa62b6cb28c9b4a6b7d2e458
2022-10-21 16:20:36	8bb2b3b5725fe1eb24d7b735d7d1a7f190de9a3ec9829fbe3eba3c79bdbc97e3
2022-10-21 16:05:34	47ac3d18dc7010640808ab90a5a83881593a6ab8a5bc178ff72f983e26c3476f
2022-10-21 14:25:37	5d950bf571f9f3b9ce6b21e701c533b7b2b0ea33d77830fafdb37f71e334aee2
2022-10-21 13:30:50	7e33162c7a2545cde7956cb206942b5efb0679547dc11df2bb522df90e305ae7
2022-10-21 12:35:42	b6433f49d2d37c58ca132fd5bbca5ac07530969636d6af7c9db223bef32d5d7c
2022-10-21 12:35:40	0217f3ad172709ea917cc7851ff34764f42c209ce17253f7fa4003810dd65b96
2022-10-21 11:42:45	88728adfa648a9020c5aaa7147589a247c5ec262419355cfe3e5655c17927d05