216.73.216.36

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:57 · Modified 07/06/2026 05:15

Essential information

Value / Name
b85ffc8af90d4312aca9a81e0da00aabe6278fd9c92e933aec7e2da80c2c1f7e
Confidence
100/100
Revoked
Yes
Valid from
10/06/2025 21:21
Valid until
07/06/2026 05:14
Pattern type
stix
Published
20/12/2025 19:57
Modified
07/06/2026 05:15
Author / Source
AlienVault

Description

ALF:Trojan:MSIL/AgentTesla.SD!MTB SHA256 of 272cf34e8db2078a3170cf0e54255d89785e3c50

Pattern

[file:hashes.'SHA-256' = 'b85ffc8af90d4312aca9a81e0da00aabe6278fd9c92e933aec7e2da80c2c1f7e']

Labels / Tags

Labels: apt backdoor cyberespionage flog iis module iran iraq kurdistan laret pinar primecache rdat reverse tunnel shahmaran slippery snakelet whisper

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • BladedFeline
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·