216.73.216.36

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 02:32 · Modified 21/12/2025 16:47

Essential information

Value / Name
19d0c55ac466e4188c4370e204808ca0bc02bba480ec641da8190cb8aee92bdc
Confidence
100/100
Revoked
Yes
Valid from
06/02/2024 11:14
Valid until
11/05/2025 12:14
Pattern type
stix
Published
21/12/2025 02:32
Modified
21/12/2025 16:47
Author / Source
AlienVault

Description

SUSP_LNK_SuspiciousCommands

Pattern

[file:hashes.'SHA-256' = '19d0c55ac466e4188c4370e204808ca0bc02bba480ec641da8190cb8aee92bdc']

Labels / Tags

Labels: apt apt 28 apt28 brute-force cert-ua#8399 cve-2023-23397 cve-2023-38831 domain controller fancy bear hash theft impacket information stealer javascript masepie oceanmap openssh phishing smb smbexec sofacy spear-phishing steelhook targeted attack

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • APT 28
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·