216.73.216.125

Indicator (IOC)

stix AlienVault · Published 16/01/2026 14:42 · Modified 21/02/2026 12:38

Essential information

Value / Name
42e3ad56799fbc8223fb8400f07313559299496bb80582a6cbae29cb376d96c3
Confidence
100/100
Revoked
No
Valid from
16/01/2026 14:31
Valid until
12/01/2027 22:25
Pattern type
stix
Published
16/01/2026 14:42
Modified
21/02/2026 12:38
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '42e3ad56799fbc8223fb8400f07313559299496bb80582a6cbae29cb376d96c3']

Labels / Tags

Labels: active directory apt certipy china-nexus credential harvesting critical infrastructure cve-2025-53690 dwagent earthworm goexec gotokentheft impacket lateral movement rubeus sharphound zero-day

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • UAT-8837
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·