216.73.216.233

Indicator (IOC)

stix AlienVault · Published 21/12/2025 17:00 · Modified 21/12/2025 17:22

Essential information

Value / Name
6d6006eb2baa75712bfe867bf5e4f09288a7d860a4623a4176338993b9ddfb4b
Confidence
100/100
Revoked
No
Valid from
04/09/2025 11:23
Valid until
31/08/2026 19:17
Pattern type
stix
Published
21/12/2025 17:00
Modified
21/12/2025 17:22
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '6d6006eb2baa75712bfe867bf5e4f09288a7d860a4623a4176338993b9ddfb4b']

Labels / Tags

Labels: amsi bypass central asia dll injection downshell infrastructure kazakhstan oil and gas powershell russian threat actor spear-phishing

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • NoisyBear
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·