216.73.217.172

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:36 · Modified 20/12/2025 22:40

Essential information

Value / Name
cbaf79fb116bf2e529dd35cf1d396aa44cb6fcfa6d8082356f7d384594155596
Confidence
100/100
Revoked
Yes
Valid from
05/12/2022 22:33
Valid until
09/03/2024 22:33
Pattern type
stix
Published
20/12/2025 19:36
Modified
20/12/2025 22:40
Author / Source
AlienVault

Description

RAR_Archive

Pattern

[file:hashes.'SHA-256' = 'cbaf79fb116bf2e529dd35cf1d396aa44cb6fcfa6d8082356f7d384594155596']

Labels / Tags

Labels: cobalt strike curl dll side-loading fileless in-memory evasion koboldloader lithiumloader magnetloader masquerading os structure powershell reverse http shell shellcode hashing smb beacon

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.