
TF-1832445 high

📛 Threat Title

Unknown malware: ip:port combination that is used for botnet Command&control (C&C) 45.153.34.146:3001

Category: Unknown malware Published: Source updated: First seen: Last updated: Source: Threatfox IOCs/Threats

Description

Indicator that identifies a botnet command&control server (C&C). IOC type: ip:port combination that is used for botnet Command&control (C&C). Attributed malware: Unknown malware. Confidence: 75. Observed port: 3001. First seen: 2026-06-15 19:40:22 UTC. Reporter: Colwilson. Tags: etherhiding, iran, mois, MuddyWater, tsundere.

Remediations (6)

  • web:executivegov.com

    ExecutiveGov

  • web:staysafeonline.org


  • web:www.akamai.com


  • web:www.congress.gov

    Congress.gov

  • web:www.secretservice.gov


  • web:www.trendmicro.com

    One notable characteristic we rarely see in malware is leveraging WebSocket communication to the C&C servers for an efficient bidirectional channel between the infected client and the server. WebSocket is a communication technology that supports streams of data to be exchanged between a client and a server over just a single TCP session.

Indicators of Compromise (1)

Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal.

ipv4 45.153.34.146

IOC database

Type: ipv4
Value: 45.153.34.146
First seen:
Last seen:
Attached to this threat:
Appears in: 1 threat
Description: ip:port combination that is used for botnet Command&control (C&C) attributed to Unknown malware


Threat Hunt — feed corroboration

Not present in any configured threat-intel feed.

Details From VirusTotal

No VirusTotal details cached for this IOC.

References (3)

  • External reference Threatfox IOCs/Threats
  • Malpedia profile Threatfox IOCs/Threats
  • ThreatFox IOC page Threatfox IOCs/Threats

    Indicator that identifies a botnet command&control server (C&C). IOC type: ip:port combination that is used for botnet Command&control (C&C). Attributed malware: Unknown malware. Confidence: 75. Observed port: 3001. First seen: 2026-06-15 17:15:40 UTC. Reporter: Colwilson. Tags: etherhiding, iran, mois, MuddyWater, tsundere.
