IOC Radar
IPMediumSignal 65/100

109.207.41.150

Location
SerbiaSerbia
Jajinci, 00
ASN
AS52026
TRUFpool2
First Seen
Apr 7, 2026
Last Seen
Jun 4, 2026
Apr 7
First Seen
66d ago
Jun 4
Last Seen
8d ago
10
Reports
source reports
65%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryRSSerbia
RegionJajinci, 00
ASNAS52026
OrganizationTRUFpool2

Feed Intelligence Summary

10 reports65% confidence
10
Source reports
65%
Confidence score
Category tags
active scanactive scanningaptbrute forcebrute force attackbrute-forcecredential accesscredential stuffingexploitation activityhackingidentity & access exploitationimapimap attackindicatornetworkpassword attacksreconnaissanceresearchedscannerself-signedserbiasmtpsmtp attackerssht1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003threat actortor node

Activity Timeline

1 total obs
Jun 4Jun 4

Threat Activity Heatmap

· Peak: 2026-06-04
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
10
Reports
First seenApr 7, 2026
Last seenJun 4, 2026
GeolocationRS
CountrySerbia
LocationJajinci, 00
ASNAS52026
OrgTRUFpool2
Coords44.8166, 20.4721

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 109.207.32.0 - 109.207.47.255 netname: TRUF remarks: *** Please send spam and abuse notifications only to [email protected] *** country: rs org: ORG-TD21-RIPE admin-c: BV1910-RIPE tech-c: BV1910-RIPE status: ASSIGNED PI mnt-by: RIPE-NCC-END-MNT mnt-by: AS6700-MNT mnt-routes: AS6700-MNT mnt-domains: AS6700-MNT created: 2010-01-18T11:45:05Z last-modified: 2025-11-25T11:05:10Z source: RIPE sponsoring-org: ORG-TS21-RIPE organisation: ORG-TD21-RIPE org-name: TRUF d.o.o. country: RS remarks: *** Please send spam and abuse notifications only to [email protected] *** org-type: OTHER address: Jevrejska 11/6 Beograd abuse-c: TD3593-RIPE mnt-ref: AS6700-MNT mnt-by: AS6700-MNT created: 2009-12-07T11:20:00Z last-modified: 2022-12-01T16:54:49Z source: RIPE # Filtered person: Bojan Vranac address: KBCnet, Mirijevski bulevar 9n, Belgrade, Serbia phone: +381113835496 nic-hdl: BV1910-RIPE mnt-by: AS6700-MNT created: 2012-12-05T12:40:51Z last-modified: 2012-12-05T12:40:51Z source: RIPE # Filtered route: 109.207.41.0/24 origin: AS52026 mnt-by: AS6700-MNT created: 2018-03-02T14:33:11Z last-modified: 2018-03-02T14:33:11Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 8 days ago
Appeared in 10 threat reports