IOC Radar
IPMediumSignal 69/100

117.44.64.85

Location
ChinaChina
Taohua, HB
ASN
AS4134
Chinanet JX
First Seen
Feb 11, 2025
Last Seen
Feb 20, 2026
Feb 11
First Seen
487d ago
Feb 20
Last Seen
113d ago
10
Reports
source reports
69%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

26 techniques

Network Information

CountryCNChina
RegionTaohua, HB
ASNAS4134
OrganizationChinanet JX

IP Category

Proxy
Proxy server

Feed Intelligence Summary

10 reports69% confidence
10
Source reports
69%
Confidence score
Category tags
active scanningasiabotnetbotnet iocsbotnet miraibotnet propagationbrute forcechinacncommand and controlcommunication protocolconnected devicescredential accesscredential stuffingdata exfiltrationddosddos attacksdenial of servicedevice managementdistributed attacksexploitationgorillabotindicatorindustrial iotinitial accessinternet of thingsiocsiot analyticsiot applicationsiot botnetiot devicesiot platformsiot securityiot/ics attackipv4irclinuxmalicious softwaremalwaremirai botnetmirai internetnetworknetwork attacksnetwork protocolnetwork scanningnetwork securityoutlawprocess injectionprotocol exploitationproxyreconnaissanceresearchedscanning activitysmart devicesssh attackt1021t1021.001t1040t1053.005t1055t1059t1059.004t1071t1071.001t1078t1078.001t1105t1110.002t1190t1203t1486t1496t1497t1497.001t1498.001t1499.002t1499.003t1565t1595.001t1595.002t1595.003tcp protocoltelnet threatthingstwitterxmrig

Activity Timeline

1 total obs
Feb 20Feb 20

Threat Activity Heatmap

· Peak: 2026-02-20
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
10
Reports
First seenFeb 11, 2025
Last seenFeb 20, 2026
GeolocationCN
CountryChina
LocationTaohua, HB
ASNAS4134
OrgChinanet JX
Coords30.5851, 114.2662
Proxy

VirusTotal

Not checked

WHOIS

raw
inetnum: 117.44.0.0 - 117.45.255.255 netname: CHINANET-JX descr: CHINANET Jiangxi province network descr: China Telecom descr: No.31,jingrong street descr: Beijing 100032 country: CN admin-c: CH93-AP tech-c: JN113-AP abuse-c: AC1573-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-IP-WWF mnt-routes: MAINT-IP-WWF mnt-irt: IRT-CHINANET-CN last-modified: 2021-06-15T08:04:56Z source: APNIC irt: IRT-CHINANET-CN address: No.31 ,jingrong street,beijing address: 100032 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH93-AP tech-c: CH93-AP auth: # Filtered remarks: [email protected] was validated on 2025-04-24 mnt-by: MAINT-CHINANET last-modified: 2025-04-24T03:21:26Z source: APNIC role: ABUSE CHINANETCN country: ZZ address: No.31 ,jingrong street,beijing address: 100032 phone: +000000000 e-mail: [email protected] admin-c: CH93-AP tech-c: CH93-AP nic-hdl: AC1573-AP remarks: Generated from irt object IRT-CHINANET-CN remarks: [email protected] was validated on 2025-04-24 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-04-24T03:21:54Z source: APNIC role: JXDCB NET address: Jiangxi telecom network operation support department address: No.2009, Beijing East Road , nanchang,jiangxi province country: CN phone: +86 79186600000 e-mail: [email protected] remarks: send spam reports to [email protected] remarks: and abuse reports to [email protected] remarks: http://www.online.jx.cn admin-c: XY1-AP tech-c: WZ1-CN tech-c: WW49-AP nic-hdl: JN113-AP notify: [email protected] mnt-by: MAINT-IP-WWF last-modified: 2020-04-02T08:23:08Z source: APNIC person: Chinanet Hostmaster nic-hdl: CH93-AP e-mail: [email protected] address: No.31 ,jingrong street,beijing address: 100032 phone: +86-10-58501724 fax-no: +86-10-58501724 country: CN mnt-by: MAINT-CHINANET last-modified: 2022-02-28T06:53:44Z source: APNIC
references
https://1275.ru/ioc/gs-25-19131-mirai-botnet-iocs_11023, https://1275.ru/ioc/gs-25-19129-mirai-botnet-iocs_11015, https://1275.ru/ioc/gs-25-19128-mirai-botnet-iocs_11001, https://1275.ru/ioc/gs-25-19127-mirai-botnet-iocs_10989, https://1275.ru/ioc/gs-25-19125-mirai-botnet-iocs_10956, https://1275.ru/ioc/gs-25-19126-mirai-botnet-iocs_10970, https://1275.ru/ioc/gs-25-18122-mirai-botnet-iocs_10913, https://1275.ru/ioc/gs-25-18120-mirai-botnet-iocs_10854, https://1275.ru/ioc/gs-25-18119-mirai-botnet-iocs_10829, https://1275.ru/ioc/gs-25-18118-mirai-botnet-iocs_10825, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs-2_10696, https://1275.ru/ioc/gs-25-17115-mirai-botnet-iocs_10682, https://1275.ru/ioc/gs-25-17113-mirai-botnet-iocs_10658, https://1275.ru/ioc/gs-25-17112-mirai-botnet-iocs_10640, https://1275.ru/ioc/gs-25-1490-mirai-botnet-iocs_10200

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 10 threat reports