216.73.216.226

Indicator (IOC)

stix AlienVault · Published 21/12/2025 19:07 · Modified 02/01/2026 02:08

Essential information

Value / Name
f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068
Confidence
100/100
Revoked
No
Valid from
27/11/2025 04:00
Valid until
23/11/2026 11:54
Pattern type
stix
Published
21/12/2025 19:07
Modified
02/01/2026 02:08
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = 'f099c5d9ec417d4445a0328ac0ada9cde79fc37410914103ae9c609cbc0ee068']

Labels / Tags

Labels: automation aws azure backdoor cloud cloud credentials credential harvesting credential theft gcp github github actions npm package compromise persistence sha1-hulud shai-hulud shai-hulud 2.0 software development supply chain supply chain attack supply-chain attack worm

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Shai-Hulud
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·