IOC Radar
IP · Medium · Signal 17/100

104.233.140.135

Location
United States
Los Angeles, California
ASN
AS54600
PEG TECH INC
First Seen
May 28, 2025
Last Seen
Jun 7, 2026
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
17%
Signal Score
17 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

61 techniques

Network Information

Country: US (United States)
Region: Los Angeles, California
ASN: AS54600
Organization: PEG TECH INC

Feed Intelligence Summary

Source reports: 7
Confidence score: 17%
Category tags
academic institutions, active scan, advanced threat, apt, apt group, apt41, arsenal, backdoor, banking, botnet, botnet activity, brute force, brute ratel, brute_force, c domains, c servers, c2 communication, civil services, cobalt, cobalt strike, cobalt strike framework, command & control, command and control, consumer goods, credential access, credential stuffing, credential_access, credit card services, custom malware, custom tools, cyber threat, data exfiltration, data store exposure, database security, develops custom, distributed attacks, dll sideloading, earth lamia, education, educational resources, educational services, educational technology, exploitation, exploitation activity, finance, finance and insurance, financial services, financial technology, fleet management, freight services, ftp, government technology, higher education, identity & access exploitation, information technology, injection activity, injection attacks, iot security, it infrastructure, juicypotato exploit, k-12 education, lateral movement, malicious software, malware, malware development, maritime transport, multi-industry targeting, network, network attacks, network security, network_reconnaissance, north america, passenger transportation, payment processing, phishing, process injection, protocol exploitation, proxy, public administration, public infrastructure, public policy, pulsepack malware, rail transport, ransomware, regulatory agencies, remote access, remote services, researched, retail trade, software development, sql injection, ssh attack, stowaway tool, t1003, t1005, t1016, t1021, t1021.001, t1021.002, t1027, t1040, t1053, t1053.005, t1055, t1055.001, t1057, t1059, t1059.001, t1059.003, t1059.004, t1059.005, t1068, t1071, t1071.001, t1076, t1078, t1078.003, t1105, t1110, t1110.002, t1133, t1136.001, t1140, t1189, t1190, t1204, t1204.002, t1210, t1486, t1496, t1499.002, t1499.003, t1505.003, t1547, t1547.001, t1555, t1563, t1565, t1566, t1566.001, t1569.002, t1583.001, t1583.003, t1587.001, t1590, t1592, t1592.001, t1592.002, t1592.003, t1595, t1595.001, t1595.002, t1608.001, t1608.002, targeted attack, targeting database, telnet threat, threat actor, tor node, transportation and warehousing, transportation infrastructure, transportation technology, united states, us, vshell, vshell malware, wealth management

Activity Timeline

1 total obs (Jun 7)

Threat Activity Heatmap

[Heatmap: activity by day, Jun to Jun; peak 2026-06-07]
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 17
Confidence: 17%
Reports: 7
First seen: May 28, 2025
Last seen: Jun 7, 2026
Geolocation: US
Country: United States
Location: Los Angeles, California
ASN: AS54600
Org: PEG TECH INC
Coords: 37.7510, -97.8220

VirusTotal

Not checked

WHOIS

raw
NetRange: 104.233.128.0 - 104.233.255.255
CIDR: 104.233.128.0/17
NetName: PT-82-5
NetHandle: NET-104-233-128-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS398478, AS398993, AS398823, AS54600
Organization: PEG TECH INC (PT-82)
RegDate: 2014-11-03
Updated: 2020-12-18
Ref: https://rdap.arin.net/registry/ip/104.233.128.0

OrgName: PEG TECH INC
OrgId: PT-82
Address: 2805 Mission College Blvd
City: Santa Clara
StateProv: CA
PostalCode: 95054
Country: US
RegDate: 2012-03-27
Updated: 2024-11-25
Ref: https://rdap.arin.net/registry/entity/PT-82

OrgAbuseHandle: ABUSE3497-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-408-692-5581
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3497-ARIN

OrgNOCHandle: NOC12550-ARIN
OrgNOCName: NOC
OrgNOCPhone: +1-408-692-5581
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN

OrgTechHandle: NOC12550-ARIN
OrgTechName: NOC
OrgTechPhone: +1-408-692-5581
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/NOC12550-ARIN
references
https://www.trendmicro.com/en_us/research/25/e/earth-lamia.html
https://documents.trendmicro.com/assets/txt/earth_lamia_iocs_v2CeWlPie.txt

IOC Journey

medium
First detected 1 year ago · Last seen 2 days ago
Appeared in 7 threat reports