216.73.216.233

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 20:00 · Modified 21/12/2025 15:33

Essential information

Value / Name
0112e3b20872760dda5f658f6b546c85f126e803e27f0577b294f335ffa5a298
Confidence
100/100
Revoked
Yes
Valid from
02/11/2024 02:03
Valid until
29/10/2025 09:56
Pattern type
stix
Published
20/12/2025 20:00
Modified
21/12/2025 15:33
Author / Source
AlienVault

Description

SHA256 of fdb92fac37232790839163a3cae5f37372db7235

Pattern

[file:hashes.'SHA-256' = '0112e3b20872760dda5f658f6b546c85f126e803e27f0577b294f335ffa5a298']

Labels / Tags

Labels: av/edr bypass blacksuit byovd cobalt strike conti cortex xdr cve-2020-1472 cve-2021-34527 cve-2021-42278 cve-2021-42287 cve-2024-1709 cybercrime forums data exfiltration data extortion encryption exfiltration extortion healthcare karakurt log4shell mimikatz phishing pinkslipbot qakbot qbot quackbot ransomware rclone rubeus safetykatz

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (3)

  • Black Basta
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • BlackSuit
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·
  • Karakurt
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·