IOC Radar
IPMediumSignal 60/100

112.78.191.254

Location
IndonesiaIndonesia
Jakarta, Jakarta
ASN
AS17451
BIZNET
First Seen
Jan 20, 2021
Last Seen
Jun 6, 2026
Jan 20
First Seen
1967d ago
Jun 6
Last Seen
4d ago
7
Reports
source reports
60%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
60%
Signal Score
60 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

24 techniques

Network Information

CountryIDIndonesia
RegionJakarta, Jakarta
ASNAS17451
OrganizationBIZNET

IP Category

Proxy
Proxy server

Feed Intelligence Summary

7 reports60% confidence
7
Source reports
60%
Confidence score
Category tags
abusech-urlhaus-c2cacrstealeractive scanactive scanningamadeyandroidarmarm-architectureasciiasiabackdoorbad reputationbad web botbotnetbotnet activitybotnetdomainbrute forcebrute force attackbrute-forcec2c2-communicationcode injectioncommand & controlcommand and controlcredential accesscredential stuffingdata exfiltrationdata store exposureddosddos attacksddosagentdenial of servicedistributed attacksdropped-by-amadeyelfelf-binaryencryptionexeexecutable fileexploitation activityexploited hostfingergafgythackinghajimeididentity & access exploitationindicatorindonesiainfostealerinjection activityinternet of thingsiot botnetiot securityiot targetediot-malwareiot/ics attackjarkeyloggerligololinux-malwareloadermalicious softwaremalwaremassloggermeterpretermipsmips-architecturemiraimirai botnetmobile threatmozinetworkocxopendirpassword attackspowershellprocess injectionproxyps1pureratransomwareratreconnaissanceresearchedreverse-proxyrustystealersalatstealerscams & fraudscannerscriptshsilentnetsmartloadersnakekeyloggersshdkitstealcstealert1055t1059t1059.007t1071t1071.001t1110.001t1110.002t1110.003t1110.004t1190t1203t1204t1204.001t1486t1496t1499.001t1499.002t1499.003t1547t1565t1566t1595.001t1595.002t1595.003threat actortor nodeua-mshtaua-powershellua-wgetvantaratvbsweb app attackweb application attackweb exploitationwindows-malwarewsgidavxmlxwormzipzip-archive

Activity Timeline

1 total obs
Jun 6Jun 6

Threat Activity Heatmap

· Peak: 2026-06-06
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
60
SIGNAL
Signal Score
60%
Confidence
7
Reports
First seenJan 20, 2021
Last seenJun 6, 2026
GeolocationID
CountryIndonesia
LocationJakarta, Jakarta
ASNAS17451
OrgBIZNET
Coords-6.2094, 106.8210
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 112.78.128.0 - 112.78.191.255 netname: BIZNET-ID descr: Biznet Networks descr: Internet Service Provider descr: Jakarta, Indonesia country: ID admin-c: BA18-AP tech-c: BA18-AP remarks: Send Spam & Abuse report to: [email protected] mnt-by: MNT-APJII-ID mnt-lower: MAINT-ID-BIZNET status: ALLOCATED PORTABLE mnt-irt: IRT-BIZNET-ID last-modified: 2026-03-02T02:05:04Z source: APNIC irt: IRT-BIZNET-ID address: Biznet Networks address: Midplaza 2, 8th Floor address: Jl. Jend Sudirman Kav 10-11 address: Jakarta 10220 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: BA18-AP tech-c: BA18-AP auth: # Filtered remarks: [email protected] is invalid remarks: [email protected] was validated on 2025-12-29 mnt-by: MAINT-ID-BIZNET last-modified: 2025-12-29T04:40:33Z source: APNIC person: BIZNET ADMIN address: MidPlaza 2, 8th Floor address: Jl. Jendral Sudirman Kav 10-11 address: Jakarta 10220 country: ID phone: +62-21-570-8888 fax-no: +62-21-570-0580 e-mail: [email protected] nic-hdl: BA18-AP mnt-by: MAINT-ID-BIZNET last-modified: 2010-10-05T09:20:02Z source: APNIC inetnum: 112.78.128.0 - 112.78.191.255 netname: BIZNET-ID descr: Biznet Networks descr: Internet Service Provider descr: Jakarta, Indonesia country: ID admin-c: BA18-AP tech-c: BA18-AP remarks: Send Spam & Abuse report to: [email protected] mnt-by: MNT-APJII-ID mnt-lower: MAINT-ID-BIZNET status: ALLOCATED PORTABLE mnt-irt: IRT-BIZNET-ID last-modified: 2024-08-21T08:46:10Z source: IDNIC irt: IRT-BIZNET-ID address: Biznet Networks address: Midplaza 2, 8th Floor address: Jl. Jend Sudirman Kav 10-11 address: Jakarta 10220 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: BA18-AP tech-c: BA18-AP auth: # Filtered mnt-by: MAINT-ID-BIZNET last-modified: 2024-08-22T04:54:11Z source: IDNIC person: BIZNET ADMIN address: MidPlaza 2, 8th Floor address: Jl. Jendral Sudirman Kav 10-11 address: Jakarta 10220 country: ID phone: +62-21-570-8888 fax-no: +62-21-570-0580 e-mail: [email protected] nic-hdl: BA18-AP mnt-by: MAINT-ID-BIZNET last-modified: 2010-10-05T09:20:02Z source: IDNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 4 days ago
Appeared in 7 threat reports