IOC Radar
IPMediumSignal 82/100

117.50.213.159

Location
ChinaChina
Beijing, Beijing
ASN
AS23724
Shanghai UCloud Information Technology Company Limited
First Seen
Apr 7, 2026
Last Seen
Apr 23, 2026
Apr 7
First Seen
75d ago
Apr 23
Last Seen
59d ago
9
Reports
source reports
82%
Confidence
medium
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
82%
Signal Score
82 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryCNChina
RegionBeijing, Beijing
ASNAS23724
OrganizationShanghai UCloud Information Technology Company Limited

Feed Intelligence Summary

9 reports82% confidence
9
Source reports
82%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningasiabad reputationbrute forcebrute force attackbrute-forcebruteforcechinacowriecredential accesscredential stuffingdionaeaexploitexploitation activityfattftp brute-forcehackingidentity & access exploitationindicatornetworkp0fpassword attacksreconnaissanceresearchedscannersecurity policysensor-taggedsshssh attackt1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003tannertelnetthreat preventiontpotvulnerability scanvulnerability-exploitation

Activity Timeline

1 total obs
Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
82
SIGNAL
Signal Score
82%
Confidence
9
Reports
First seenApr 7, 2026
Last seenApr 23, 2026
GeolocationCN
CountryChina
LocationBeijing, Beijing
ASNAS23724
OrgShanghai UCloud Information Technology Company Limited
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

description
Score: 65/100. Labels: abuseipdb:brute-force, abuseipdb:critical, abuseipdb:ftp-brute, abuseipdb:hacking, abuseipdb:port-scan, abuseipdb:reported. 117.50.213.159 classified as automated brute-force attacker targeting SSH/Telnet credentials (medium confidence). Origin: enriched. Listed on: AbuseIPDB (brute-force, critical, ftp-brute).
raw
inetnum: 117.50.0.0 - 117.50.255.255 netname: UCLOUD-NET descr: Shanghai UCloud Information Technology Company Limited country: CN admin-c: JJ2197-AP tech-c: JJ2197-AP abuse-c: AC1601-AP status: ALLOCATED PORTABLE mnt-by: MAINT-CNNIC-AP mnt-irt: IRT-UCLOUD-NET-CN mnt-lower: MAINT-CNNIC-AP mnt-routes: MAINT-CNNIC-AP last-modified: 2023-11-28T00:56:57Z source: APNIC irt: IRT-UCLOUD-NET-CN address: 2nd Floor 3rd Building No.200 EAST Guoding Road,Yangpu District,Shanghai e-mail: [email protected] abuse-mailbox: [email protected] admin-c: JJ2197-AP tech-c: JJ2197-AP auth: # Filtered mnt-by: MAINT-CNNIC-AP last-modified: 2025-11-18T00:35:05Z source: APNIC role: ABUSE CNNICCN country: ZZ address: Beijing, China phone: +000000000 e-mail: [email protected] admin-c: IP50-AP tech-c: IP50-AP nic-hdl: AC1601-AP remarks: Generated from irt object IRT-CNNIC-CN remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-09-19T17:20:32Z source: APNIC person: Jinhui Jia e-mail: [email protected] address: 510,SOHO B,Zhongguancun,Haidian, Beijing phone: +86-13811069300 country: CN mnt-by: MAINT-CNNIC-AP nic-hdl: JJ2197-AP last-modified: 2022-03-23T06:19:21Z source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 9 threat reports