IOC Radar
IP · Medium · Signal 100/100

110.41.164.39

Location: Guangzhou, Guangdong, China
ASN: AS55990 (Huawei Cloud Service)
First Seen: Feb 11, 2025 (487d ago)
Last Seen: Mar 15, 2026 (90d ago)
Reports: 13 source reports
Confidence: 99% (medium)
VirusTotal: 4/91 detections
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs: 49 techniques

Network Information

Country: China (CN)
Region: Guangzhou, Guangdong
ASN: AS55990
Organization: Huawei Cloud Service

Feed Intelligence Summary

Source reports: 13
Confidence score: 99%
Category tags: abuse, active scanning, adversary simulation tool, agent tesla, akamai, alibaba, android, api contact, apt, asia, asyncrat, beacon, beaconing activity, botnet, c2, c2 communication, c2 framework, china, cn, cobalt, cobalt strike, cobaltstrike, command and control, compromised system, config, credential harvesting, cta, data encryption, data exfiltration, distributed attacks, e-commerce, europe, extortion, feed, find, fraud, global, hacking, havoc, hookbot, huawei, indicator, indicators of compromise, information technology, infrastructure acquisitionreconnaissance, ioc, iocs, iot, jquery, lateral movement, lateral movement techniques, linkedin page, malicious software, malware, malware distribution, manual, media & entertainment, mythic, nanocore rat, netsupportrat, network, network traffic analysis, payload delivery, payload deployment, payload generation, pegasus, penetration testing tool, phishing, phishing attack, php, post-exploitation, post-exploitation activities, post-exploitation activity, process injection, protect, qakbot, ransomware, ransomware feed, reconnaissance, remcos trojan, remote access, remote access trojan, remote services, researched, reverse_ssh, scanner, security operations, sentinel misp, server, sliver, slug, social engineering, strong, surface web, system disruption, t1003, t1005, t1016, t1018, t1021, t1021.001, t1027, t1041, t1047, t1049, t1053, t1055, t1059, t1059.001, t1059.003, t1068, t1071, t1071.001, t1078, t1083, t1090, t1090.001, t1095, t1105, t1129, t1134, t1190, t1210, t1486, t1490, t1496, t1499.002, t1499.003, t1543, t1565, t1566, t1566.001, t1566.002, t1566.003, t1567, t1569.002, t1573, t1573.001, t1574, t1587.001, t1590.001, t1595.001, t1595.002, t1595.003, telecommunication, threat actor, threat feed, threat intelligence, unix, vietnam

Activity Timeline

1 total obs · Mar 15 to Mar 15

Threat Activity Heatmap

Peak: 2026-03-15
[Heatmap: activity by weekday (Mon, Wed, Fri) per month, Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 13
First seen: Feb 11, 2025
Last seen: Mar 15, 2026
Geolocation: CN
Country: China
Location: Guangzhou, Guangdong
ASN: AS55990
Org: Huawei Cloud Service
Coords: 23.1274, 113.2646

VirusTotal

4/91 vendors flagged
4% detection rate · Jun 8, 2026

WHOIS

description: CC=CN ASN=AS55990 Huawei Cloud Service data center


IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 13 threat reports