IOC: http://vwellpain.com/js/sub/up/down1/r_enc.bin – Securitricks

216.73.216.6

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 03:09 · Modified 21/12/2025 03:09

Essential information

Value / Name: http://vwellpain.com/js/sub/up/down1/r_enc.bin
Confidence: 100/100
Revoked: Yes
Valid from: 05/02/2024 18:11
Valid until: 23/03/2024 18:11
Pattern type: stix
Published: 21/12/2025 03:09
Modified: 21/12/2025 03:09
Author / Source: AlienVault

Description

No description.

Pattern

[url:value = 'http://vwellpain.com/js/sub/up/down1/r_enc.bin']

Labels / Tags

Labels: apt cloud dropbox lnk north korea tutclient xeno rat

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.