216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 12:40 · Modified 05/03/2026 21:06

Essential information

Value / Name
www.upload-microsoft.com
Confidence
100/100
Revoked
Yes
Valid from
31/03/2025 13:23
Valid until
05/03/2026 21:06
Pattern type
stix
Published
21/12/2025 12:40
Modified
05/03/2026 21:06
Author / Source
AlienVault

Description

No description.

Pattern

[hostname:value = 'www.upload-microsoft.com']

Labels / Tags

Labels: africa apac apt checkout cobalt strike cobeacon credential harvesting cyberespionage data exfiltration dll side-loading dll sideloading godzilla government lateral movement latin america masqloader mimikatz pillager railload railsetter rsbinject sharepoint targeted attack vargeit web shell

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Earth Alux
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·