216.73.217.22

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 23:28 · Modified 20/12/2025 23:28

Essential information

Value / Name
e05cf4398f7996fc96c2ded2544098730ae78666183eb98ed9a163e8f0eba018
Confidence
100/100
Revoked
Yes
Valid from
31/01/2023 18:28
Valid until
05/05/2024 19:28
Pattern type
stix
Published
20/12/2025 23:28
Modified
20/12/2025 23:28
Author / Source
AlienVault

Description

JS:Dropper-AABB\ [Trj] SHA256 of ab1171752af289e9f85a918845859848

Pattern

[file:hashes.'SHA-256' = 'e05cf4398f7996fc96c2ded2544098730ae78666183eb98ed9a163e8f0eba018']

Labels / Tags

Labels: cobaltstrike fonelaunch gootkit gootloader malicious js obfuscation powershell registry manipulation snowcone unc2565

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • UNC2565
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·