216.73.216.6

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 01:40 · Modified 21/12/2025 03:30

Essential information

Value / Name
58626a9bfb48cd30acd0d95debcaefd188ae794e1e0072c5bde8adae9bccafa6
Confidence
100/100
Revoked
Yes
Valid from
29/02/2024 19:57
Valid until
03/06/2025 20:57
Pattern type
stix
Published
21/12/2025 01:40
Modified
21/12/2025 03:30
Author / Source
AlienVault

Description

Ransom:Win32/Phobos.PC!MTB SHA256 of cb37b10b209ab38477d2e17f21cae12a1cb2adf0

Pattern

[file:hashes.'SHA-256' = '58626a9bfb48cd30acd0d95debcaefd188ae794e1e0072c5bde8adae9bccafa6']

Labels / Tags

Labels: 8base education faust fileless attack healthcare ms excel municipal phishing phobos raas ransomware ransomware attack rdp remote access shellcode trojan vba script

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Phobos
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·