216.73.216.36

Indicator (IOC)

stix AlienVault · Published 21/12/2025 19:07 · Modified 02/01/2026 02:08

Essential information

Value / Name
a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a
Confidence
100/100
Revoked
No
Valid from
27/11/2025 04:00
Valid until
23/11/2026 11:54
Pattern type
stix
Published
21/12/2025 19:07
Modified
02/01/2026 02:08
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = 'a3894003ad1d293ba96d77881ccd2071446dc3f65f434669b49b3da92421901a']

Labels / Tags

Labels: automation aws azure backdoor cloud credential harvesting credential theft exfiltration gcp github npm shai-hulud shai-hulud 2.0 shai-hulud v2 supply chain supply-chain attack worm

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • Shai-Hulud
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·