IOC Radar
IP · Medium · Signal 23/100

103.115.20.114

Location: Indonesia (Subang, 13)
ASN: AS149925 (PMYNET)
First Seen: Jan 12, 2025 (528d ago)
Last Seen: May 12, 2026 (44d ago)
Reports: 10 source reports
Confidence: 23% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 23%
Signal Score: 23 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Network Information

Country: Indonesia (ID)
Region: Subang, 13
ASN: AS149925
Organization: PMYNET

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 10
Confidence score: 23%
Category tags
active scan, active scanning, adbhoney honeypot, antispam, asia, attack, botnet, botnet activity, botnet iocs, botnet mirai, botnet propagation, brute force, command and control, communication protocol, compromised credentials, connected devices, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database security, ddos, ddos attack, ddos attacks, decoy system, denial of service, device management, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, exploitation, exploitation activity, exploited host, gorillabot, hacking, heralding attack pattern, id, identity & access exploitation, indicator, indonesia, industrial iot, initial access, injection activity, internet of things, iocs, iot analytics, iot applications, iot botnet, iot devices, iot platforms, iot security, iot/ics attack, ipv4, irc, japan, lateral movement, linux, log4j, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, mirai botnet, mirai internet, network, network attacks, network protocol, network scanning, network security, outlaw, phishing, phishing attack, phishing trap, process injection, protocol exploitation, proxy, python script activity, reconnaissance, researched, resource hijacking, scanner, scanning activity, sentrypeer botnet, sftp attack, smart devices, social engineering, spam, ssh attack, ssh monitoring, t1021, t1021.001, t1040, t1041, t1053.005, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1078.001, t1105, t1110, t1110.002, t1190, t1203, t1204.002, t1486, t1496, t1497, t1497.001, t1498.001, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, tcp protocol, telecommunications, telnet threat, things, threat actor, threat intelligence, tor node, twitter, voip, voip attack, web application attack, web exploitation, web spam, xmrig

Activity Timeline

1 total obs (May 12)

Threat Activity Heatmap

Peak: 2026-05-12
Observations by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 23
Confidence: 23%
Reports: 10
First seen: Jan 12, 2025
Last seen: May 12, 2026
Geolocation: ID
Country: Indonesia
Location: Subang, 13
ASN: AS149925
Org: PMYNET
Coords: 35.6887, 139.7450
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 103.115.20.0 - 103.115.20.255
netname: IDNIC-SWNETWORK-ID
descr: PT Sakti Wijaya Network
descr: Corporate / Direct Member IDNIC
descr: Jl. Raya Cipunagara Haurgeulis
descr: Desa Parigi Mulya, Parigi 2 RT13/RW05
descr: Cipunagara, Subang 41257
admin-c: AJK3-AP
tech-c: AJK3-AP
remarks: Send Spam & Abuse Reports to: [email protected]
country: ID
mnt-by: MNT-APJII-ID
mnt-lower: MAINT-ID-SWNETWORK
mnt-irt: IRT-SWNETWORK-ID
mnt-routes: MAINT-ID-SWNETWORK
status: ALLOCATED PORTABLE
geoloc: -6.462105465410944 107.86016841091839
last-modified: 2023-01-20T04:00:03Z
source: APNIC

irt: IRT-SWNETWORK-ID
address: PT. Sakti Wijaya Network
address: Jl.Raya Cipunagara Haurgeulis
address: Desa Parigi Mulya, Parigi 2 RT13/RW05
address: Cipunagara, Subang 41257
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: AJK3-AP
tech-c: AJK3-AP
auth: # Filtered
mnt-by: MAINT-ID-SWNETWORK
last-modified: 2022-07-21T04:09:04Z
source: APNIC

person: Asep Jaya Komara
address: Jl.Raya Cipunagara Haurgeulis
address: Desa Parigi Mulya, Parigi 2 RT13/RW05
address: Cipunagara, Subang 41257
country: ID
phone: +62-823-20207506
e-mail: [email protected]
nic-hdl: AJK3-AP
mnt-by: MAINT-ID-SWNETWORK
last-modified: 2022-07-21T04:10:49Z
source: APNIC

route: 103.115.20.0/24
descr: PMYNET
origin: AS149925
mnt-by: MAINT-ID-SWNETWORK
country: ID
last-modified: 2023-01-20T04:00:25Z
source: APNIC

inetnum: 103.115.20.0 - 103.115.20.255
netname: IDNIC-SWNETWORK-ID
descr: PT Sakti Wijaya Network
descr: Corporate / Direct Member IDNIC
descr: Jl. Raya Cipunagara Haurgeulis
descr: Desa Parigi Mulya, Parigi 2 RT13/RW05
descr: Cipunagara, Subang 41257
admin-c: AJK3-AP
tech-c: AJK3-AP
remarks: Send Spam & Abuse Reports to: [email protected]
country: ID
mnt-by: MNT-APJII-ID
mnt-lower: MAINT-ID-SWNETWORK
mnt-irt: IRT-SWNETWORK-ID
mnt-routes: MAINT-ID-SWNETWORK
status: ALLOCATED PORTABLE
geoloc: -6.462105465410944 107.86016841091839
last-modified: 2023-01-17T07:11:45Z
source: IDNIC

irt: IRT-SWNETWORK-ID
address: PT. Sakti Wijaya Network
address: Jl.Raya Cipunagara Haurgeulis
address: Desa Parigi Mulya, Parigi 2 RT13/RW05
address: Cipunagara, Subang 41257
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: AJK3-AP
tech-c: AJK3-AP
auth: # Filtered
mnt-by: MAINT-ID-SWNETWORK
last-modified: 2022-09-22T03:53:12Z
source: IDNIC

person: Asep Jaya Komara
address: Jl.Raya Cipunagara Haurgeulis
address: Desa Parigi Mulya, Parigi 2 RT13/RW05
address: Cipunagara, Subang 41257
country: ID
phone: +62-823-20207506
e-mail: [email protected]
nic-hdl: AJK3-AP
mnt-by: MAINT-ID-SWNETWORK
last-modified: 2022-09-22T03:53:50Z
source: IDNIC

route: 103.115.20.0/24
descr: Route object of PT Sakti Wijaya Network - ISP
origin: AS149925
mnt-by: MAINT-ID-SWNETWORK
notify: [email protected]
country: ID
last-modified: 2025-06-07T07:51:02Z
source: IDNIC
references
https://1275.ru/ioc/gs-25-19131-mirai-botnet-iocs_11023
https://1275.ru/ioc/gs-25-19129-mirai-botnet-iocs_11015
https://1275.ru/ioc/gs-25-19128-mirai-botnet-iocs_11001
https://1275.ru/ioc/gs-25-19127-mirai-botnet-iocs_10989
https://1275.ru/ioc/gs-25-19125-mirai-botnet-iocs_10956
https://1275.ru/ioc/gs-25-19126-mirai-botnet-iocs_10970
https://1275.ru/ioc/gs-25-18122-mirai-botnet-iocs_10913
https://1275.ru/ioc/gs-25-18120-mirai-botnet-iocs_10854
https://1275.ru/ioc/gs-25-18119-mirai-botnet-iocs_10829
https://1275.ru/ioc/gs-25-18118-mirai-botnet-iocs_10825
https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs-2_10696
https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs_10682
https://1275.ru/ioc/gs-25-17113-mirai-botnet-iocs_10658
https://1275.ru/ioc/gs-25-17112-mirai-botnet-iocs_10640
https://github.com/telekom-security/tpotce
https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 10 threat reports