Indicator (IOC)

stix Revoked AlienVault · Published 27/01/2026 17:14 · Modified 25/02/2026 18:32

Essential information

Value / Name: http://45.144.165.65/BUIEFuiHFUEIuioKLWENFUoi878UIESf/MUEWGHui897hjkhsjdkHfjegfdh/67jksaebyut8seuhfjgfdgdfhet4SEDGF/Tools/getlogindataedge.exe
Confidence: 100/100
Revoked: Yes
Valid from: 27/01/2026 12:49
Valid until: 25/02/2026 18:32
Pattern type: stix
Published: 27/01/2026 17:14
Modified: 25/02/2026 18:32
Author / Source: AlienVault

Description

No description.

Pattern

[url:value = 'http://45.144.165.65/BUIEFuiHFUEIuioKLWENFUoi878UIESf/MUEWGHui897hjkhsjdkHfjegfdh/67jksaebyut8seuhfjgfdgdfhet4SEDGF/Tools/getlogindataedge.exe']

Labels / Tags

Labels: apt, backdoor, coolclient, credential stealing, data theft, government, luminousmoth, plugx, qreverse, southeast asia, toneshell

Marking (TLP)

TLP:CLEAR