216.73.217.98

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:45 · Modified 08/06/2026 08:01

Essential information

Value / Name
24a42a912c6ad98ab3910cb1e031edbdf9ed6f452371d5696006c9cf24319147
Confidence
100/100
Revoked
Yes
Valid from
12/06/2025 00:07
Valid until
08/06/2026 08:00
Pattern type
stix
Published
20/12/2025 19:45
Modified
08/06/2026 08:01
Author / Source
AlienVault

Description

SUSP_Double_Base64_Encoded_Executable SHA256 of 8346d90508b5d41d151b7098c7a3e868

Pattern

[file:hashes.'SHA-256' = '24a42a912c6ad98ab3910cb1e031edbdf9ed6f452371d5696006c9cf24319147']

Labels / Tags

Labels: aerospace appleseed apt babyshark backdoor defense dll file espionage execution facebook flowerpower golddragon kimsuky kimsuky group linkedin nikigo nikihttp northkorea powershell shell telegram username vmprotect

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.