216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 23:24 · Modified 21/12/2025 00:02

Essential information

Value / Name
http://45.61.137.32/Scanned_document.exe
Confidence
100/100
Revoked
Yes
Valid from
14/03/2023 20:38
Valid until
30/04/2023 21:38
Pattern type
stix
Published
20/12/2025 23:24
Modified
21/12/2025 00:02
Author / Source
AlienVault

Description

No description.

Pattern

[url:value = 'http://45.61.137.32/Scanned_document.exe']

Labels / Tags

Labels: android autoit avemaria bitter confucius espionage government infostealer kasablanka lazarus loda rat lodarat meterpreter phishing qianxin threat russia stink telegram trojan ukraine warzone warzone rat winscp yorotrooper

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (2)

  • Kasablanka
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • YoroTrooper
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·