216.73.216.133

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:33 · Modified 20/12/2025 19:58

Essential information

Value / Name
http://45.32.108.54:443/VMwareXferlogs.exe
Confidence
100/100
Revoked
Yes
Valid from
29/04/2022 12:39
Valid until
15/06/2022 12:39
Pattern type
stix
Published
20/12/2025 19:33
Modified
20/12/2025 19:58
Author / Source
AlienVault

Description

No description.

Pattern

[url:value = 'http://45.32.108.54:443/VMwareXferlogs.exe']

Labels / Tags

Labels: cobalt strike lockbit raas ransomware stealbit vmware xfer winscp

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.