216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 01:19 · Modified 30/01/2026 18:50

Essential information

Value / Name
chinesekungfu.org
Confidence
100/100
Revoked
Yes
Valid from
04/09/2025 19:54
Valid until
30/01/2026 18:50
Pattern type
stix
Published
21/12/2025 01:19
Modified
30/01/2026 18:50
Author / Source
AlienVault

Description

No description.

Pattern

[domain-name:value = 'chinesekungfu.org']

Labels / Tags

Labels: .net 1th troy reverse shell andardoor black rat clickfix contagiousdrop cryptocurrency cyber espionage durianbeacon go programming language goat rat infrastructure monitoring innorix agent job seeker targeting lazarus north korea nukesped rdp rust social engineering tigerrat

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Andariel Silent ChollimaPLUTONIUM
    The MITRE Corporation Confidence 100

    [Andariel](https://attack.mitre.org/groups/G0138) is a North Korean state-sponsored threat group that has been active since at least 2009. [Andariel](https://attack.mitre.org/groups/G0138) has primarily focused its operations--which have included destructive attacks--against South Korean…

    First seen 01/01/1970 · Last seen 16/11/5138 ·