216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 21:03 · Modified 21/12/2025 01:22

Essential information

Value / Name
6d403c3fc246d6d493a6f4acc18c1c292f710db6ad9c3ea2ff065595c5ad3c5b
Confidence
100/100
Revoked
Yes
Valid from
11/09/2023 16:42
Valid until
14/12/2024 15:42
Pattern type
stix
Published
20/12/2025 21:03
Modified
21/12/2025 01:22
Author / Source
AlienVault

Description

webshell_jsp_generic_reflection SHA256 of 21c7b2e6e0fb603c5fdd33781ac84b8f

Pattern

[file:hashes.'SHA-256' = '6d403c3fc246d6d493a6f4acc18c1c292f710db6ad9c3ea2ff065595c5ad3c5b']

Labels / Tags

Labels: asec aspxspy badpotato bitlocker blueshell china chopper cobaltstrike cve202222954 cve202222960 cve202222972 cve202222973 dalbit dropper enemybot frpc gafgyt godzilla groupware kimsuky lsass metasploit meterpreter mimikatz mirai sbinrpcd shellbot sliver socks5 sparkrat systemdrive

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Dalbit
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·