IP · Medium · Signal 61/100
117.241.51.217
Location
Patran, KL
ASN
AS9829
BSNL Internet
First Seen
Feb 16, 2025
Last Seen
Mar 20, 2026
Reports: 6 source reports
Confidence: 61% (medium)
VirusTotal: 3/91 detections
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
61%
Signal Score
61 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
India
Region
Patran, KL
ASN
AS9829
Organization
BSNL Internet
Feed Intelligence Summary
Source reports: 6
Confidence score: 61%
Category tags
abuse · ahmyth · apk · arm · asia · asyncrat · backdoor · bitbucket · botnet · botnetdomain · censys · cobaltstrike · coinminer · command and control · data encryption · data exfiltration · ddos attacks · distributed attacks · dll · dropped-by-amadey · elf · exe · extortion · gafgyt · hajime · havoc · hijackloader · in · india · indicator · internet of things · iot botnet · iot/ics attack · java-bytecode · kaiji · l3mon · loader · lummastealer · macho · malicious software · malware · meduzastealer · meterpreter · mips · mirai botnet · mozi · multirat · network · opendir · paraguay · pdf · pink · process injection · ps1 · qbot · ransomware · rat · redlinestealer · remote access · researched · saint helena, ascension and tristan da cunha · shellcode · sliver · smoke loader · sshdkit · stealc · system disruption · systembc · t1005 · t1027 · t1055 · t1059 · t1071 · t1071.001 · t1078 · t1105 · t1133 · t1189 · t1190 · t1204 · t1204.002 · t1486 · t1490 · t1496 · t1499.002 · t1499.003 · t1547 · t1565 · t1566 · t1566.001 · t1583 · t1584 · t1588 · t1588.002 · t1608 · ua-wget · vidar · wsgidav · xmrig · xorbot · zip
Activity Timeline
Mar 20
Threat Activity Heatmap · Peak: 2026-03-20
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), an IPv4 address 117.241.51.217, carries a significant risk score of 60.78 and is not whitelisted, indicating a high potential for malicious activity within an organization's environment. Its association with threat actors such as MALLARD SPIDER, SMOKY SPIDER, and TA570, who are known for sophisticated ransomware, data exfiltration, and denial-of-service operations, underscores the severe nature of the threat. If this IOC is present or engaged with, it could si…
Threat Score: Medium Risk
Signal Score: 61
Confidence: 61%
Reports: 6
First seen: Feb 16, 2025
Last seen: Mar 20, 2026
Geolocation: IN
Country: India
Location: Patran, KL
ASN: AS9829
Org: BSNL Internet
Coords: 11.2448, 75.7721
WHOIS
- references
- https://urlhaus.abuse.ch/browse/
IOC Journey
medium · First detected 1 year ago · Last seen 2 months ago
Appeared in 6 threat reports