216.73.217.98

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 01:24 · Modified 21/12/2025 06:55

Essential information

Value / Name
5e0f28bd2d49b73e96a87f5c20283ebe030f4bb39b3107d4d68015dce862991d
Confidence
100/100
Revoked
Yes
Valid from
09/09/2024 10:02
Valid until
13/12/2025 09:02
Pattern type
stix
Published
21/12/2025 01:24
Modified
21/12/2025 06:55
Author / Source
AlienVault

Description

TEL:Win32/Golly.A SHA256 of 896e0f54fc67d72d94b40d7885f10c51

Pattern

[file:hashes.'SHA-256' = '5e0f28bd2d49b73e96a87f5c20283ebe030f4bb39b3107d4d68015dce862991d']

Labels / Tags

Labels: ballistic bobcat brazil c server cadet blizzard chisel ember bear enigma frozenvista gru unit 29155 israel mimikatz plink procdump shell tips uac-0056 unc2589 united arab userprofile whispergate windir

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Sponsoring Access
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·