216.73.216.6

Indicator (IOC)

stix AlienVault · Published 20/12/2025 19:34 · Modified 21/12/2025 17:59

Essential information

Value / Name
36bc32becf287402bf0e9c918de22d886a74c501a33aa08dcb9be2f222fa6e24
Confidence
100/100
Revoked
No
Valid from
29/09/2025 18:37
Valid until
26/09/2026 02:30
Pattern type
stix
Published
20/12/2025 19:34
Modified
21/12/2025 17:59
Author / Source
AlienVault

Description

Exploit:Win32/CVE-2020-1472!MSR

Pattern

[file:hashes.'SHA-256' = '36bc32becf287402bf0e9c918de22d886a74c501a33aa08dcb9be2f222fa6e24']

Labels / Tags

Labels: backconnect brute ratel c4 brute-ratel cobalt strike cobalt-strike credential-harvesting cuba ransomware data-exfiltration javascript kerbercache lateral-movement latrodectus ransomware romcom tropical scorpius unc2596 zerologon

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Tropical Scorpius
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·