IOC Radar
IPMediumSignal 49/100

103.171.1.95

Location
VietnamVietnam
Hanoi, Hanoi
ASN
AS63737
YUH Application Software Company Limited
First Seen
Apr 29, 2023
Last Seen
May 1, 2026
Apr 29
First Seen
1153d ago
May 1
Last Seen
56d ago
17
Reports
source reports
49%
Confidence
medium
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
49%
Signal Score
49 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

46 techniques

Network Information

CountryVNVietnam
RegionHanoi, Hanoi
ASNAS63737
OrganizationYUH Application Software Company Limited

Feed Intelligence Summary

17 reports49% confidence
17
Source reports
49%
Confidence score
Category tags
abuseaccessactive scanactive scanningasiaattackbad reputationbad web botblacklisted ipbot trafficbotnetbotnet activitybrute forcebrute force attackbrute force attemptsbruteforcec2centoscisco devicecommand & controlcommand and controlcompromised devicecompromised hostcompromised systemconnectcowriecowrie honeypotcowrie honeypot datacredential accesscredential harvestingcredential stuffingctadata exfiltrationdata store exposureddosdecoy systemdenial of servicedevice managementdistributed attacksdrive-by compromiseemailenergyenterprise networkingexploitexploitation activityexploitation attemptsfailedfileftpgithubgroupshackinghoneytrap honeypotidentity & access exploitationindicatorinformation technologyinjection activityintrusion detectionlamplamp attackmailoney attackmailoney honeypotmalicious activitymalicious domainmalicious softwaremalicious trafficmalwaremalware distributionmysqlnetworknetwork infrastructurenetwork intrusionnetwork intrusion attemptsnetwork probingnetwork scanningnetwork securitynetwork service scanningnetwork trafficnginxopensshpassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationpythonreconnaissanceremote servicesresearchedscannerscanning activityscriptsecurity operationsserverservice scansftpsftp attacksftp exploit attemptslugsmtpsocial engineeringsshssh attackssh monitoringsurface webt1016t1021t1021.004t1040t1041t1046t1047t1053.005t1055t1057t1059t1059.001t1059.004t1068t1071t1071.001t1071.004t1078t1078.001t1078.002t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1497.001t1499t1499.001t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1566.004t1573t1595t1595.001t1595.002t1595.003telnet threatthreat actorthreat detectionthreat intelligencetor nodeubuntuunauthorized access attemptuploadviet namvietnamvnweb application attackweb exploitationweb server attackszabbix

Activity Timeline

1 total obs
May 1May 1

Threat Activity Heatmap

· Peak: 2026-05-01
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
49
SIGNAL
Signal Score
49%
Confidence
17
Reports
First seenApr 29, 2023
Last seenMay 1, 2026
GeolocationVN
CountryVietnam
LocationHanoi, Hanoi
ASNAS63737
OrgYUH Application Software Company Limited
Coords0.0000, 0.0000

VirusTotal

Not checked

WHOIS

raw
inetnum: 103.171.0.0 - 103.171.1.255 netname: YUH-VN descr: YUH APPLICATION SOFTWARE COMPANY LIMITED descr: 58 Thai Thinh 2, Thinh Quang, Dong Da, Ha Noi admin-c: LTD7-AP tech-c: NNA74-AP country: VN mnt-by: MAINT-VN-VNNIC mnt-lower: MAINT-VN-VNNIC mnt-irt: IRT-VNNIC-AP status: ALLOCATED PORTABLE last-modified: 2021-08-03T09:03:52Z source: APNIC irt: IRT-VNNIC-AP address: Ha Noi, VietNam phone: +84-24-35564944 fax-no: +84-24-37821462 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTTT1-AP tech-c: NTTT1-AP auth: # Filtered mnt-by: MAINT-VN-VNNIC last-modified: 2017-11-08T09:40:06Z source: APNIC person: Le Tung Duong address: 58 Thai Thinh 2, Thinh Quang, Dong Da, Ha Noi country: VN phone: +84-971768565 e-mail: [email protected] nic-hdl: LTD7-AP mnt-by: MAINT-VN-VNNIC last-modified: 2021-08-03T09:01:19Z source: APNIC person: Nguyen Ngoc An address: 96B/1149 Lang, Lang Thuong, Dong, Ha Noi country: VN phone: +84-971686999 e-mail: [email protected] nic-hdl: NNA74-AP mnt-by: MAINT-VN-VNNIC last-modified: 2021-08-03T09:00:15Z source: APNIC route: 103.171.0.0/23 descr: YUH-VN origin: AS63737 mnt-by: MAINT-VN-VNNIC last-modified: 2021-08-05T08:04:41Z source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 3 years ago · Last seen 1 month ago
Appeared in 17 threat reports