216.73.216.226

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 23:08 · Modified 20/12/2025 23:08

Essential information

Value / Name
9aa39497b7b2d883a40ff9619f1f0f9052ff19c5f612cfbfe1cc2331c70fd054
Confidence
100/100
Revoked
Yes
Valid from
20/12/2022 23:58
Valid until
24/03/2024 23:58
Pattern type
stix
Published
20/12/2025 23:08
Modified
20/12/2025 23:08
Author / Source
AlienVault

Description

SLF:Win32/LnkFileWithMshta.A

Pattern

[file:hashes.'SHA-256' = '9aa39497b7b2d883a40ff9619f1f0f9052ff19c5f612cfbfe1cc2331c70fd054']

Labels / Tags

Labels: apt dns flux gamaredon maldocs phishing russia trident ursa ukraine

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Trident Ursa
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·