IP · Medium · Signal 46/100
115.149.140.218
Location
Taohua, Jiangxi
ASN
AS4134
Chinanet JX
First Seen
Nov 14, 2024
Last Seen
May 10, 2026
Found in 15 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
46%
Signal Score
46 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
China
Region
Taohua, Jiangxi
ASN
AS4134
Organization
Chinanet JX
Feed Intelligence Summary
15 reports · 46% confidence
15
Source reports
46%
Confidence score
Category tags
Activity Timeline
Threat Activity Heatmap · Peak: 2026-05-10
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score
Medium Risk
46
SIGNAL
Signal Score
46%
Confidence
15
Reports
First seen
Nov 14, 2024
Last seen
May 10, 2026
Geolocation
CN
Country
China
Location
Taohua, Jiangxi
ASN
AS4134
Org
Chinanet JX
Coords
34.7732, 113.7220
VirusTotal
Not checked
WHOIS
- description
- Imported indicator
- raw
- inetnum: 115.148.0.0 - 115.151.255.255
  netname: CHINANET-JX
  descr: CHINANET JIANGXI PROVINCE NETWORK
  descr: China Telecom
  descr: No.31,jingrong street
  descr: Beijing 100032
  country: CN
  admin-c: CH93-AP
  tech-c: CH93-AP
  abuse-c: AC1573-AP
  status: ALLOCATED PORTABLE
  remarks: service provider
  mnt-by: APNIC-HM
  mnt-lower: MAINT-IP-WWF
  mnt-routes: MAINT-IP-WWF
  mnt-irt: IRT-CHINANET-CN
  last-modified: 2021-06-15T08:06:06Z
  source: APNIC

  irt: IRT-CHINANET-CN
  address: No.31 ,jingrong street,beijing
  address: 100032
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: CH93-AP
  tech-c: CH93-AP
  auth: # Filtered
  remarks: [email protected] was validated on 2025-04-24
  mnt-by: MAINT-CHINANET
  last-modified: 2025-04-24T03:21:26Z
  source: APNIC

  role: ABUSE CHINANETCN
  country: ZZ
  address: No.31 ,jingrong street,beijing
  address: 100032
  phone: +000000000
  e-mail: [email protected]
  admin-c: CH93-AP
  tech-c: CH93-AP
  nic-hdl: AC1573-AP
  remarks: Generated from irt object IRT-CHINANET-CN
  remarks: [email protected] was validated on 2025-04-24
  abuse-mailbox: [email protected]
  mnt-by: APNIC-ABUSE
  last-modified: 2025-04-24T03:21:54Z
  source: APNIC

  person: Chinanet Hostmaster
  nic-hdl: CH93-AP
  e-mail: [email protected]
  address: No.31 ,jingrong street,beijing
  address: 100032
  phone: +86-10-58501724
  fax-no: +86-10-58501724
  country: CN
  mnt-by: MAINT-CHINANET
  last-modified: 2022-02-28T06:53:44Z
  source: APNIC
- references
- https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
IOC Journey
medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 15 threat reports