IOC Radar
IP · Medium · Signal 100/100

103.248.40.194

Location: Phnom Penh, 12, Cambodia
ASN: AS17726, Telecom Cambodia (T.C.)
First Seen: Sep 21, 2024 (630d ago)
Last Seen: Mar 10, 2026 (94d ago)
Reports: 19 source reports
Confidence: 99% (medium)
Found in 19 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

55 techniques

Network Information

Country: KH, Cambodia
Region: Phnom Penh, 12
ASN: AS17726
Organization: Telecom Cambodia (T.C.)

Feed Intelligence Summary

Source reports: 19
Confidence score: 99%
Category tags:
abuse; access control; account access; account brute force; account enumeration; active scanning; adresse ip; agricultural supply chain; agricultural technology; agriculture, forestry, fishing and hunting; atif feed; attack; auto-generated security; azure; azure ad; bank security; banking; banlist feed; belgium; binary defense; blog spam; botnet; botnet activity detected; brute force; brute force attack; brute force attempt; brute force attempts; brute-force attack; c2 communication; c2 server; cambodia; command and control; communication protocol; compromised hosts; credential access; credential harvesting; credential stuffing; credit card services; crop production; cta; data exfiltration; data theft; ddos; ddos attack; denial of service; distributed attacks; europe; exploitation; exploited host; failed authentication; farming; finance; financial institution; financial services; financial technology; finland; finland activity; food production; france; ftp brute force; ftp brute-force; germany; hacking; heng technology; holding; honeynet connect; honk gonk; http brute force; imap; imap attack; imap brute force; indicator; information technology; infrastructure acquisitionreconnaissance; ioc; it infrastructure; jsc ertelecom; jsc ertelecom holding; kh; lateral movement; livestock management; login attack; login attempt; mail server; majorit; malicious activity; malicious software; malware; malware distribution; manual; microsoft entra id; multiple users; network; network attacks; network brute force; network enumeration; network intrusion; network probing; network scanning; network security; network traffic analysis; north america; password attack; password attacks; password cracking; payment processing; pays; phishing; phishing attack; ping of death; poland; pop3 brute force; precision agriculture; process injection; protocol exploitation; rat; reconnaissance; remote access; remote services; researched; russe; russian ip; scanner; scanning activity; security operations; security policy; sign-in logs; smb brute force; smtp; smtp attacker; smtp brute force; social engineering; software development; spam; ssh attack; sustainable agriculture; t1021; t1021.001; t1021.002; t1021.003; t1021.004; t1021.005; t1027; t1040; t1046; t1047; t1055; t1059; t1059.001; t1059.003; t1059.004; t1068; t1071; t1071.001; t1076; t1078; t1105; t1110; t1110.001; t1110.002; t1110.003; t1110.004; t1133; t1187; t1189; t1190; t1203; t1213; t1486; t1496; t1499.001; t1499.002; t1499.003; t1539; t1555; t1563; t1565; t1566.001; t1566.002; t1566.003; t1566.004; t1573; t1587.001; t1588.004; t1589; t1590.001; t1592; t1595; t1595.001; t1595.002; t1595.003; tcp attack; tcp protocol; tcp scan; telnet threat; threat actor; threat intelligence; threat prevention; udp scan; unauthorized access attempt; united states; wealth management; web application attack; web exploitation; web spam

Activity Timeline

1 total obs (Mar 10 - Mar 10)

Threat Activity Heatmap

Peak: 2026-03-10
[Calendar heatmap of daily activity, Jun to Jun, shaded from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 19
First seen: Sep 21, 2024
Last seen: Mar 10, 2026
Geolocation: KH
Country: Cambodia
Location: Phnom Penh, 12
ASN: AS17726
Org: Telecom Cambodia (T.C.)
Coords: 11.5583, 104.9121

VirusTotal

Not checked

WHOIS

description: Email related brute force IOCs collected mainly from hosts located in Finland
raw:

inetnum: 103.248.40.0 - 103.248.40.255
netname: CAMNET
descr: Telecom Cambodia (T.C.)
country: KH
admin-c: HS2416-AP
tech-c: HS2416-AP
abuse-c: AC1706-AP
status: ASSIGNED NON-PORTABLE
mnt-by: MAINT-KH-CAMNET
mnt-irt: IRT-CAMNET-KH
last-modified: 2021-08-27T08:06:51Z
source: APNIC

irt: IRT-CAMNET-KH
address: # 95-97, Preah Sihanouk BLVD
address: Phnom Penh
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: LV62-AP
tech-c: HS2416-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-07-02
mnt-by: MAINT-KH-CAMNET
last-modified: 2025-07-02T01:12:35Z
source: APNIC

role: ABUSE CAMNETKH
country: ZZ
address: # 95-97, Preah Sihanouk BLVD
address: Phnom Penh
phone: +000000000
e-mail: [email protected]
admin-c: LV62-AP
tech-c: HS2416-AP
nic-hdl: AC1706-AP
remarks: Generated from irt object IRT-CAMNET-KH
remarks: [email protected] was validated on 2025-07-02
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-07-02T01:13:10Z
source: APNIC

person: Hong Sereyvuth
address: #95-97, Preah Sihanouk BLVD, Phnom Penh
country: KH
phone: +855 92123123
e-mail: [email protected]
nic-hdl: HS2416-AP
mnt-by: MAINT-KH-CAMNET
last-modified: 2021-08-27T07:54:42Z
source: APNIC

route: 103.248.40.0/24
origin: AS17726
descr: Telecom Cambodia (T.C.) #95-97 Preah Sihanouk BLVD
mnt-by: MAINT-KH-CAMNET
last-modified: 2018-11-30T07:15:34Z
source: APNIC

references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 19 threat reports