
Indicator (IOC)

stix AlienVault · Published 20/12/2025 19:40 · Modified 14/01/2026 16:17

Essential information

Value / Name: e97bdf7fafb1cb2a2bf0a4e14f51e18a34f3ff2f6f7b99731e93070d50801bef
Confidence: 100/100
Revoked: No
Valid from: 09/12/2025 18:09
Valid until: 06/12/2026 02:03
Pattern type: stix
Published: 20/12/2025 19:40
Modified: 14/01/2026 16:17
Author / Source: AlienVault

Description

ConventionEngine_Term_Desktop SHA256 of 28400c267815762e49c200e8b481a592c67f9cf7

Pattern

[file:hashes.'SHA-256' = 'e97bdf7fafb1cb2a2bf0a4e14f51e18a34f3ff2f6f7b99731e93070d50801bef']

Labels / Tags

Labels: blackcat, cobalt strike, credential dumping, cve-2016-0099, cve-2017-0213, cve-2018-8639, cve-2019-1388, cve-2020-0787, cve-2020-0796, cve-2020-1066, cve-2021-41379, cve-2022-24521, cve-2025-7771, guloader, hive, lazagne, makop, network scanning, nokoyawa, petitpotato, privilege escalation, psexec, ransomware, ransomware-as-a-service (raas), rclone, rdp exploitation, royal ransomware, softperfect network scanner

Marking (TLP)

TLP:CLEAR