216.73.216.233

Indicator (IOC)

stix AlienVault · Published 20/12/2025 23:01 · Modified 10/03/2026 09:53

Essential information

Value / Name
648c2067ef3d59eb94b54c43e798707b030e0383b3651bcc6840dae41808d3a9
Confidence
100/100
Revoked
No
Valid from
02/02/2026 11:46
Valid until
29/01/2027 19:39
Pattern type
stix
Published
20/12/2025 23:01
Modified
10/03/2026 09:53
Author / Source
AlienVault

Description

Win64:TrojanX-gen\ [Trj] SHA256 of 9ec4c38394ea2048ca81d48b1bd66de48d8bd4e8

Pattern

[file:hashes.'SHA-256' = '648c2067ef3d59eb94b54c43e798707b030e0383b3651bcc6840dae41808d3a9']

Labels / Tags

Labels: arguepatch aspxspy awfulshred badpotato bidswipe bitlocker caddywiper china chopper cobaltstrike credential harvesting cyberattack dalbit data destruction doublezero dynowiper energy sector godzilla groupware hermeticransom hermeticwiper impersonation industroyer industroyer2 mfa fatigue mimikatz mobile networks nikowiper orcshred phishing poland

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (2)

  • Dalbit
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Sandworm
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·