216.73.216.6

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:39 · Modified 21/12/2025 00:43

Essential information

Value / Name
https://letsvpnaa.com/letsv-vpn3.2.5.exe
Confidence
100/100
Revoked
Yes
Valid from
19/06/2023 16:47
Valid until
05/08/2023 16:47
Pattern type
stix
Published
20/12/2025 19:39
Modified
21/12/2025 00:43
Author / Source
AlienVault

Description

No description.

Pattern

[url:value = 'https://letsvpnaa.com/letsv-vpn3.2.5.exe']

Labels / Tags

Labels: account hijacking backdoor backdoor.farfli blackmoon cril farfli farfli backdoor gaming keylogging kingsoft krbanker letsgo letsgo network letsvpn letsvpn website phishing remote access spyware vpn web injection windows

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.