216.73.216.125

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 04:14 · Modified 21/12/2025 08:31

Essential information

Value / Name
18bad57109ac9be968280ea27ae3112858e8bc18c3aec02565f4c199a7295f3a
Confidence
100/100
Revoked
Yes
Valid from
16/11/2024 16:01
Valid until
12/11/2025 23:54
Pattern type
stix
Published
21/12/2025 04:14
Modified
21/12/2025 08:31
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '18bad57109ac9be968280ea27ae3112858e8bc18c3aec02565f4c199a7295f3a']

Labels / Tags

Labels: apt chinese hackers chinese threat actor credential theft deepdata deeppost dropper espionage exploit forticlient implant ios lightspy macos plugins post-exploitation southern asia surveillance vpn zero-day

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (3)

  • APT 41
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • BrazenBamboo
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • LightSpy Group
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·