Indicator (IOC)

stix AlienVault · Published 20/12/2025 19:58 · Modified 27/03/2026 01:11

Essential information

Value / Name: 8f4bca3c62268fff0458322d111a511e0bcfba255d5ab78c45973bd293379901
Confidence: 100/100
Revoked: No
Valid from: 03/09/2025 19:31
Valid until: 31/08/2026 03:25
Pattern type: stix
Published: 20/12/2025 19:58
Modified: 27/03/2026 01:11
Author / Source: AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '8f4bca3c62268fff0458322d111a511e0bcfba255d5ab78c45973bd293379901']

Labels / Tags

Labels: apt28 backdoor c2 critical infrastructure cve-2026-21509 cve-2026-21513 dll side-loading dll sideloading exfiltration minidoor nato notdoor obfuscation outlook outlook macros persistence powershell prismex prismexdrop prismexloader prismexstager registry modification steganography supply chain ukraine vba macro

Marking (TLP)

TLP:CLEAR