216.73.216.31

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 03:30 · Modified 21/12/2025 13:09

Essential information

Value / Name
0e2263d4f239a5c39960ffa6b6b688faa7fc3075e130fe0d4599d5b95ef20647
Confidence
100/100
Revoked
Yes
Valid from
01/10/2024 21:25
Valid until
28/09/2025 05:19
Pattern type
stix
Published
21/12/2025 03:30
Modified
21/12/2025 13:09
Author / Source
AlienVault

Description

Trojan.Agent-134041 SHA256 of bbcf7a68f4164a9f5f5cb2d9f30d9790

Pattern

[file:hashes.'SHA-256' = '0e2263d4f239a5c39960ffa6b6b688faa7fc3075e130fe0d4599d5b95ef20647']

Labels / Tags

Labels: android apt aws babuk backdoor banking bat scripts blankstealer blue yonder boost.beast cerberus chisel chromepass cloud security coin miner command-and-control communication skills credential theft cve-2023-38831 cve-2024-21412 cyber attacks cyber espionage cyberespionage cybersecurity data exfiltration dc rat defense dll file double extortion dropper

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (4)

  • DONOT
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Head Mare
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • HeptaX
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • termite
    Ransomware.Live Confidence 100

    No description available

    First seen 01/01/1970 · Last seen 16/11/5138 ·