216.73.216.36

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:57 · Modified 25/06/2026 21:17

Essential information

Value / Name
luckybear669.kozow.com
Confidence
100/100
Revoked
Yes
Valid from
21/07/2025 12:34
Valid until
25/06/2026 21:17
Pattern type
stix
Published
20/12/2025 19:57
Modified
25/06/2026 21:17
Author / Source
AlienVault

Description

No description.

Pattern

[hostname:value = 'luckybear669.kozow.com']

Labels / Tags

Labels: antivirus exploitation apt backdoor deedrat dll side-loading dll sideloading netagent obfuscation persistence phishing

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (2)

  • Chinese APTs
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Salt Typhoon
    The MITRE Corporation Confidence 100

    [Salt Typhoon](https://attack.mitre.org/groups/G1045) is a People's Republic of China (PRC) state-backed actor that has been active since at least 2019 and responsible for numerous compromises of network infrastructure at…

    First seen 01/01/1970 · Last seen 16/11/5138 ·