216.73.216.133

Indicator (IOC)

stix AlienVault · Published 01/07/2026 09:05 · Modified 01/07/2026 09:05

Essential information

Value / Name
http://154.92.16.22/xz.bin
Confidence
100/100
Revoked
No
Valid from
01/07/2026 09:00
Valid until
30/07/2026 14:43
Pattern type
stix
Published
01/07/2026 09:05
Modified
01/07/2026 09:05
Author / Source
AlienVault

Description

No description.

Pattern

[url:value = 'http://154.92.16.22/xz.bin']

Labels / Tags

Labels: chinese targets dll sideloading donut shellcode fake installers japanese targets phishing emails process injection valleyrat

Marking (TLP)

TLP:CLEAR