216.73.216.36

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 13:03 · Modified 27/03/2026 01:22

Essential information

Value / Name
cbb84155467087c4da2ec411463e4af379582bb742ce7009156756482868859c
Confidence
100/100
Revoked
Yes
Valid from
25/03/2025 22:10
Valid until
22/03/2026 06:03
Pattern type
stix
Published
21/12/2025 13:03
Modified
27/03/2026 01:22
Author / Source
AlienVault

Description

RansomWin32Betisrypt

Pattern

[file:hashes.'SHA-256' = 'cbb84155467087c4da2ec411463e4af379582bb742ce7009156756482868859c']

Labels / Tags

Labels: backdoor c&c cve-2025-26633 darkwisp disease vector encrypthub encrypthub stealer encryptrat github information stealer infostealer kematian stealer labinstalls lolbins msc eviltwin pay-per-install powershell rhadamanthys sha256 silentprism stealc stealer trojanspy water gamayun windows zero-day

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (2)

  • EncryptHub
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Water Gamayun
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·