216.73.216.226

Indicator (IOC)

stix AlienVault · Published 21/12/2025 16:50 · Modified 08/01/2026 19:01

Essential information

Value / Name
961ac6942c41c959be471bd7eea6e708f3222a8a607b51d59063d5c58c54a38d
Confidence
100/100
Revoked
No
Valid from
28/08/2025 12:25
Valid until
24/08/2026 20:19
Pattern type
stix
Published
21/12/2025 16:50
Modified
08/01/2026 19:01
Author / Source
AlienVault

Description

No description.

Pattern

[file:hashes.'SHA-256' = '961ac6942c41c959be471bd7eea6e708f3222a8a607b51d59063d5c58c54a38d']

Labels / Tags

Labels: backdoor bulbature c2 servers china-nexus dns trigger driveswitch dual-process guardian encryption espionage icmp trigger mystrodx passive mode redleaves rushdrop shadowpad silentraid stealth telecommunications

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • UAT-7290
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·