216.73.216.233

Indicator (IOC)

stix Revoked AlienVault · Published 21/12/2025 04:15 · Modified 23/01/2026 21:53

Essential information

Value / Name
18051333e658c4816ff3576a2e9d97fe2a1196ac0ea5ed9ba386c46defafdb88
Confidence
100/100
Revoked
Yes
Valid from
27/01/2025 13:59
Valid until
23/01/2026 21:53
Pattern type
stix
Published
21/12/2025 04:15
Modified
23/01/2026 21:53
Author / Source
AlienVault

Description

SLF:Trojan:PowerShell/PSExploitCredAPI.A

Pattern

[file:hashes.'SHA-256' = '18051333e658c4816ff3576a2e9d97fe2a1196ac0ea5ed9ba386c46defafdb88']

Labels / Tags

Labels: akira cobalt strike confluence credential theft cve-2023-22527 exfiltration ghostsocks lateral movement lockbit ransomware rclone rdp systembc

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • LockBit
    AlienVault Confidence 100
    First seen 01/01/1970 · Last seen 16/11/5138 ·