Indicator (IOC)

stix AlienVault · Published 21/12/2025 15:08 · Modified 21/12/2025 16:22

Essential information

Value / Name: 854e5f77f788bbbe6e224195e115c749172cd12302afca370d4f9e3d53d005fd
Confidence: 100/100
Revoked: No
Valid from: 24/07/2025 13:30
Valid until: 20/07/2026 21:24
Pattern type: stix
Published: 21/12/2025 15:08
Modified: 21/12/2025 16:22
Author / Source: AlienVault

Description

TrojanDownloader:Win64/BazaarLoader.AA!MTB SHA256 of 77b294117cb818df701f03dc8be39ed9a361a038

Pattern

[file:hashes.'SHA-256' = '854e5f77f788bbbe6e224195e115c749172cd12302afca370d4f9e3d53d005fd']

Labels / Tags

Labels: chacha20, conti, data leak site, dls, donot loader, double extortion, encryption, gunra, gunra ransomware, linux, lumma stealer, negotiation, phishing, ransomware, volume shadow copy, windows

Marking (TLP)

TLP:CLEAR