IOC Radar
IPMediumSignal 32/100

103.112.255.117

Location
IndiaIndia
Patna, BR
ASN
AS137139
Cybernet Introtech Private Limited
First Seen
Jan 10, 2024
Last Seen
Mar 31, 2026
Jan 10
First Seen
885d ago
Mar 31
Last Seen
74d ago
9
Reports
source reports
32%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
32%
Signal Score
32 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryINIndia
RegionPatna, BR
ASNAS137139
OrganizationCybernet Introtech Private Limited

Feed Intelligence Summary

9 reports32% confidence
9
Source reports
32%
Confidence score
Category tags
active scanactive scanningasiaattackaustraliaauthentication failurebotnetbotnet activitybrute forcecommand and controlcommunication protocolcompromised credentialscompromised hostcowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata exfiltration attemptsdata store exposuredatabase securityddosdecoy systemdionaea honeypotdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringexploitexploitation activityexploitation attemptexploitation attemptsfattftpheralding attack patternhoneytrap honeypothttp scanneridentity & access exploitationinindiaindicatorinjection activityiot securitylateral movementmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware deployment attemptsnetworknetwork scanningnetwork securitynetwork traffic analysisoceaniap0fphishingphishing attackphishing trapprocess injectionprotocol exploitationpython script activityreconnaissanceremote accessresearchedresource hijackingscannerscanning activitysensor-taggedsentrypeer botnetsftp access attemptsftp attacksip brute forcesmtpsocial engineeringspamssh attackssh monitoringt-pott1021t1021.004t1040t1041t1055t1059t1071.001t1078t1110t1110.001t1110.002t1110.003t1133t1190t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1583t1595t1595.001t1595.002t1595.003tannertargeting databasetelecommunicationstelnet threatthreat actorthreat detectionthreat intelligencetor nodetpotvoipvoip attackvulnerability scanweb traffic

Activity Timeline

1 total obs
Mar 31Mar 31

Threat Activity Heatmap

· Peak: 2026-03-31
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
32
SIGNAL
Signal Score
32%
Confidence
9
Reports
First seenJan 10, 2024
Last seenMar 31, 2026
GeolocationIN
CountryIndia
LocationPatna, BR
ASNAS137139
OrgCybernet Introtech Private Limited
Coords26.1192, 85.3963

VirusTotal

Not checked

WHOIS

description
2025-04-21T19:55:22.129Z Honeypot : Heralding : Source: 103.112.255.117 : Username/Password: adMIn4131/12345678 Port: 1080 Message: 2025-04-21 19:55:22.129393,c26439fa-daa3-49f9-9df8-db1a69953263,38aec8d0-2807-4ec9-8920-839e267a697c,103.112.255.117,39386,99.18.26.18,1080,socks5,adMIn4131,12345678,
raw
inetnum: 103.112.252.0 - 103.112.255.255 netname: CYBERNET descr: Cybernet Introtech Private Limited admin-c: MK1294-AP tech-c: NE64-AP country: IN mnt-by: MAINT-IN-IRINN mnt-irt: IRT-CYBERNET-IN mnt-routes: MAINT-IN-CYBERNET status: ALLOCATED PORTABLE last-modified: 2018-04-06T10:43:48Z source: APNIC irt: IRT-CYBERNET-IN address: 5TH FLOOR, NILAM COMPLEX, HARISABHA ROAD, WARD NO 35, POST- RAMNA,Muzaffarpur,Bihar-842002 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NE64-AP tech-c: NE64-AP auth: # Filtered mnt-by: MAINT-IN-CYBERNET last-modified: 2018-04-06T10:38:15Z source: APNIC role: Network Engineer address: 5TH FLOOR, NILAM COMPLEX, HARISABHA ROAD, WARD NO 35, POST- RAMNA,Muzaffarpur,Bihar-842002 country: IN phone: +91 9304220886 e-mail: [email protected] admin-c: MK1294-AP tech-c: MK1294-AP nic-hdl: NE64-AP mnt-by: MAINT-IN-CYBERNET last-modified: 2018-04-06T10:39:17Z source: APNIC person: MANOJ KUMAR address: 5TH FLOOR, NILAM COMPLEX, HARISABHA ROAD, WARD NO 35, POST- RAMNA,Muzaffarpur,Bihar-842002 country: IN phone: +91 9304220886 e-mail: [email protected] nic-hdl: MK1294-AP mnt-by: MAINT-IN-CYBERNET last-modified: 2018-04-06T10:39:55Z source: APNIC route: 103.112.255.0/24 descr: Cybernet Introtech Private Limited origin: AS137139 mnt-by: MAINT-IN-CYBERNET mnt-routes: MAINT-IN-CYBERNET last-modified: 2018-04-09T07:54:28Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 2 months ago
Appeared in 9 threat reports