216.73.216.128

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:56 · Modified 10/05/2026 04:36

Essential information

Value / Name
40bcd87bcd851c5c2d6e5c901c59312d480eed58b4ebb2981607c0d80c27b529
Confidence
100/100
Revoked
Yes
Valid from
13/05/2025 20:41
Valid until
10/05/2026 04:35
Pattern type
stix
Published
20/12/2025 19:56
Modified
10/05/2026 04:36
Author / Source
AlienVault

Description

Win.Malware.Gosys-10032614-0

Pattern

[file:hashes.'SHA-256' = '40bcd87bcd851c5c2d6e5c901c59312d480eed58b4ebb2981607c0d80c27b529']

Labels / Tags

Labels: clntend custom backdoor cxclnt drone industry fiber-based military sector screencap south korea supply chain attack taiwan tidrone campagin venfrpc venom campaign

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.