216.73.216.133

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 00:02 · Modified 21/12/2025 00:02

Essential information

Value / Name
http://45.61.136.64/update.exe
Confidence
100/100
Revoked
Yes
Valid from
14/03/2023 20:38
Valid until
30/04/2023 21:38
Pattern type
stix
Published
21/12/2025 00:02
Modified
21/12/2025 00:02
Author / Source
AlienVault

Description

PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows 4f237b5aa3ff4fc4e3014f693c27a1cba94fc24f3a6054c28d090592343c06a2

Pattern

[url:value = 'http://45.61.136.64/update.exe']

Labels / Tags

Labels: avemaria espionage infostealer lodarat meterpreter phishing stink telegram warzone yorotrooper

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.