216.73.216.36

Indicator (IOC)

stix AlienVault · Published 20/12/2025 19:37 · Modified 21/12/2025 17:45

Essential information

Value / Name
b03fe49036c3830f149135068ff54f5c6c6622008a6fcb7edbf6b352e9a0acc0
Confidence
100/100
Revoked
No
Valid from
24/09/2025 00:15
Valid until
20/09/2026 08:09
Pattern type
stix
Published
20/12/2025 19:37
Modified
21/12/2025 17:45
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = 'b03fe49036c3830f149135068ff54f5c6c6622008a6fcb7edbf6b352e9a0acc0']

Labels / Tags

Labels: apt asyncrat backdoordiplomacy chinese apt dll hijacking impersoni-fake-ator irafau manufacturing merlin naikon phishing pinkman plugx proxyshell quarian rainyday telecommunications torat turian webshells

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (2)

  • BackdoorDiplomacy
    The MITRE Corporation Confidence 100

    [BackdoorDiplomacy](https://attack.mitre.org/groups/G0135) is a cyber espionage threat group that has been active since at least 2017. [BackdoorDiplomacy](https://attack.mitre.org/groups/G0135) has targeted Ministries of Foreign Affairs and telecommunication companies in Africa, Europe,…

    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Naikon
    The MITRE Corporation Confidence 100

    [Naikon](https://attack.mitre.org/groups/G0019) is assessed to be a state-sponsored cyber espionage group attributed to the Chinese People’s Liberation Army’s (PLA) Chengdu Military Region Second Technical Reconnaissance Bureau (Military Unit Cover…

    First seen 01/01/1970 · Last seen 16/11/5138 ·