216.73.216.233

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 05:20 · Modified 21/12/2025 12:55

Essential information

Value / Name
92804faaab2175dc501d73e814663058c78c0a042675a8937266357bcfb96c50
Confidence
100/100
Revoked
Yes
Valid from
23/09/2024 17:29
Valid until
20/09/2025 01:23
Pattern type
stix
Published
21/12/2025 05:20
Modified
21/12/2025 12:55
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '92804faaab2175dc501d73e814663058c78c0a042675a8937266357bcfb96c50']

Labels / Tags

Labels: apt babuk babyk belarus chaos cobalt strike cobint credential harvesting cve-2021-26855 cve-2023-38831 durianbeacon facefish hacktivism hacktivists infrastructure sharing lateral movement lockbit lockbit 3.0 meterpreter mimikatz multirdp phantomcore phantomdl phantomjitter phishing ransomware russia shamoon smalltiger vasa locker

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (5)

  • Crypt Ghouls
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Head Mare
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Head Mare and Twelve
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Kimsuky and Andariel
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Twelve
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·