216.73.216.36

Indicator (IOC)

stix AlienVault · Published 20/12/2025 23:55 · Modified 17/03/2026 09:24

Essential information

Value / Name
af000bc9f397975604ec0ffd36ff414005ea49ca97ec176eadd14072ceccac00
Confidence
100/100
Revoked
No
Valid from
09/02/2026 11:17
Valid until
05/02/2027 19:11
Pattern type
stix
Published
20/12/2025 23:55
Modified
17/03/2026 09:24
Author / Source
AlienVault

Description

HackTool:Win32/Mimikatz.D

Pattern

[file:hashes.'SHA-256' = 'af000bc9f397975604ec0ffd36ff414005ea49ca97ec176eadd14072ceccac00']

Labels / Tags

Labels: botnet crypto-mining emotet javascript macro mimikatz onenote phishing prometei prometei botnet vba vbscript wsf

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (2)

  • Emotet
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Prometei
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·