IOC Radar
IPMediumSignal 28/100

112.169.244.176

Location
Korea, Republic ofKorea, Republic of
Songpa-gu, 11
ASN
AS4766
Korea Telecom
First Seen
Apr 3, 2025
Last Seen
Mar 29, 2026
Apr 3
First Seen
437d ago
Mar 29
Last Seen
77d ago
12
Reports
source reports
28%
Confidence
medium
1/91
VirusTotal
detections
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
28%
Signal Score
28 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryKRKorea, Republic of
RegionSongpa-gu, 11
ASNAS4766
OrganizationKorea Telecom

Feed Intelligence Summary

12 reports28% confidence
12
Source reports
28%
Confidence score
Category tags
abuseactive scanactive scanningasiaattackaustraliabad reputationbotnetbotnet activitybrute forcebrute force attackbrute force attemptscommand and controlcommunication technologiescredential accesscredential stuffingdata exfiltrationdata store exposureddosdecoy systemdenial of servicedistributed attacksexploit attemptsexploitation activityftp brute forcehttp brute forceidentity & access exploitationindicatorinjection activitykorea, republic oflateral movementmalicious activitymalicious softwaremalwaremalware propagationmalware scanningmobile carriersmobile networksnetworknetwork probingnetwork scanningoceaniapassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedscannersmtp brute forcesouth koreasql injection attemptsssh attackt1021t1021.001t1046t1055t1059t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1187t1190t1199t1210t1486t1496t1499.002t1499.003t1555t1563t1565t1588t1595t1595.001t1595.002t1595.003targeting databasetelecom servicestelecommunicationsthreat actorthreat intelligencetor node

Activity Timeline

1 total obs
Mar 29Mar 29

Threat Activity Heatmap

· Peak: 2026-03-29
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
28
SIGNAL
Signal Score
28%
Confidence
12
Reports
First seenApr 3, 2025
Last seenMar 29, 2026
GeolocationKR
CountryKorea, Republic of
LocationSongpa-gu, 11
ASNAS4766
OrgKorea Telecom
Coords37.5080, 127.1177

VirusTotal

1/ 91vendors flagged
1% detection rateJun 6, 2026

WHOIS

raw
inetnum: 112.160.0.0 - 112.191.255.255 netname: KORNET descr: Korea Telecom admin-c: IM667-AP tech-c: IM667-AP country: KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2017-02-03T02:21:58Z source: APNIC irt: IRT-KRNIC-KR address: 9, Jinheung-gil, Naju-si, Jeollanam-do e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2025-04-10T04:49:23Z source: APNIC person: IP Manager address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90 country: KR phone: +82-2-500-6630 e-mail: [email protected] nic-hdl: IM667-AP mnt-by: MNT-KRNIC-AP last-modified: 2017-03-28T06:37:04Z source: APNIC inetnum: 112.160.0.0 - 112.191.255.255 netname: KORNET-KR descr: Korea Telecom country: KR admin-c: IA9-KR tech-c: IM9-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90 address: KT Head Office country: KR phone: +82-2-500-6630 e-mail: [email protected] nic-hdl: IA9-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90 address: KT Head Office country: KR phone: +82-2-500-6630 e-mail: [email protected] nic-hdl: IM9-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC
references
https://redpiranha.net

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 12 threat reports