216.73.217.98

Indicator (IOC)

stix AlienVault · Published 03/02/2026 10:49 · Modified 27/03/2026 01:11

Essential information

Value / Name
9f4672c1374034ac4556264f0d4bf96ee242c0b5a9edaa4715b5e61fe8d55cc8
Confidence
100/100
Revoked
No
Valid from
02/02/2026 23:44
Valid until
30/01/2027 07:38
Pattern type
stix
Published
03/02/2026 10:49
Modified
27/03/2026 01:11
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '9f4672c1374034ac4556264f0d4bf96ee242c0b5a9edaa4715b5e61fe8d55cc8']

Labels / Tags

Labels: apt28 com hijacking covenant covenant grunt critical infrastructure cve-2026-21509 cve-2026-21513 eu filen filen api microsoft office minidoor nato notdoor operation neusploit pixynetloader prismex prismexdrop prismexloader prismexstager rtf exploit steganography supply chain ukraine webdav

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • UAC-0001 (APT28)
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·