216.73.217.80

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 02:10 · Modified 21/12/2025 07:13

Essential information

Value / Name
736de79e0a2d08156bae608b2a3e63336829d59d38d61907642149a566ebd270
Confidence
100/100
Revoked
Yes
Valid from
18/09/2024 10:31
Valid until
14/09/2025 18:24
Pattern type
stix
Published
21/12/2025 02:10
Modified
21/12/2025 07:13
Author / Source
AlienVault

Description

Win32:RansomX-gen\ [Ransom]

Pattern

[file:hashes.'SHA-256' = '736de79e0a2d08156bae608b2a3e63336829d59d38d61907642149a566ebd270']

Labels / Tags

Labels: aes256 asm guard connectwise cve-2023-48788 cyrillic script ioctl code jscript medusa ransomware powershell ransomware ransomware-as-a-service (raas) safengine shielden telegram vbscript wmi

Marking (TLP)

TLP:CLEAR