216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 22/01/2026 00:19 · Modified 14/04/2026 11:52

Essential information

Value / Name
38.32.68.195
Confidence
100/100
Revoked
Yes
Valid from
21/01/2026 23:26
Valid until
15/02/2026 01:13
Pattern type
stix
Published
22/01/2026 00:19
Modified
14/04/2026 11:52
Author / Source
AlienVault

Description

No description.

Pattern

[ipv4-addr:value = '38.32.68.195']

Labels / Tags

Labels: apt37 astrill vpn beavertail browser credential theft cryptocurrency facebook reconnaissance github golangghost installer tampering invisibleferret it services north korea pretexting process hollowing pylangghost remote access trojan rokrat shellcode injection social engineering software supply chain zoho workdrive c2

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Attack reports (1)