Indicator (IOC)

stix Revoked AlienVault · Published 19/01/2026 10:28 · Modified 15/02/2026 03:16

Essential information

Value / Name: http://cgky6bn6ux5wvlybtmm3z255igt52ljml2ngnc5qp3cnw5jlglamisad.onion/route.php
Confidence: 100/100
Revoked: Yes
Valid from: 16/01/2026 21:33
Valid until: 15/02/2026 03:16
Pattern type: stix
Published: 19/01/2026 10:28
Modified: 15/02/2026 03:16
Author / Source: AlienVault

Description

No description.

Pattern

[url:value = 'http://cgky6bn6ux5wvlybtmm3z255igt52ljml2ngnc5qp3cnw5jlglamisad.onion/route.php']

Labels / Tags

Labels: acrstealer, cryptocurrency theft, dll sideloading, infostealer, lummac2, pyagent, python abuse, seo poisoning, stealc, tor, toragent

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.