216.73.217.22

Indicator (IOC)

stix AlienVault · Published 09/06/2026 11:00 · Modified 18/06/2026 18:25

Essential information

Value / Name
https://38.225.209.229:9623/rcv/
Confidence
100/100
Revoked
No
Valid from
09/06/2026 10:49
Valid until
08/07/2026 16:32
Pattern type
stix
Published
09/06/2026 11:00
Modified
18/06/2026 18:25
Author / Source
AlienVault

Description

No description.

Pattern

[url:value = 'https://38.225.209.229:9623/rcv/']

Labels / Tags

Labels: credential theft cve-2025-8088 gammasteel giftedcrook giftedcrook stealer hta infection chain information stealer russia-aligned threats ukraine targeting winrar exploitation

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Attack reports (1)

Intrusion sets (1)

  • SHADOW-EARTH-066, Earth Dahu
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 Published 09/06/2026 11:00 · Modified 09/06/2026 11:00