216.73.217.172

Indicator (IOC)

stix Revoked AlienVault · Published 20/12/2025 19:36 · Modified 20/12/2025 22:40

Essential information

Value / Name
fc4b842b4f6a87df3292e8634eefc935657edf78021b79f9763548c74a4d62b8
Confidence
100/100
Revoked
Yes
Valid from
05/12/2022 22:33
Valid until
09/03/2024 22:33
Pattern type
stix
Published
20/12/2025 19:36
Modified
20/12/2025 22:40
Author / Source
AlienVault

Description

Win64:TrojanX-gen\ [Trj]

Pattern

[file:hashes.'SHA-256' = 'fc4b842b4f6a87df3292e8634eefc935657edf78021b79f9763548c74a4d62b8']

Labels / Tags

Labels: cobalt strike curl dll side-loading fileless in-memory evasion koboldloader lithiumloader magnetloader masquerading os structure powershell reverse http shell shellcode hashing smb beacon

Marking (TLP)

TLP:CLEAR

Related entities

No linked attack reports or intrusion sets yet.