216.73.217.80

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 12:43 · Modified 02/03/2026 00:58

Essential information

Value / Name
514933468ac1dd9f7db4e2693f1be7f84deb35c33f8f9934fad32caaae9ef611
Confidence
100/100
Revoked
Yes
Valid from
05/03/2025 17:04
Valid until
02/03/2026 00:58
Pattern type
stix
Published
21/12/2025 12:43
Modified
02/03/2026 00:58
Author / Source
AlienVault

Description

BackdoorWin32CosmicDuke

Pattern

[file:hashes.'SHA-256' = '514933468ac1dd9f7db4e2693f1be7f84deb35c33f8f9934fad32caaae9ef611']

Labels / Tags

Labels: agent c2 server corrupt pdf phishing screen capture team uacme valleyrat wechat

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.