IOC Radar
IP · Medium · Signal 57/100

118.193.61.178

Location: Tokyo, Tokyo, Japan
ASN: AS135377 (Ucloud Information Technology (hk) Limited)
First Seen: Jun 24, 2024 (719d ago)
Last Seen: Jun 7, 2026 (6d ago)
Reports: 10 source reports
Confidence: 57% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 57%
Signal Score: 57 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

39 techniques

Network Information

Country: JP (Japan)
Region: Tokyo, Tokyo
ASN: AS135377
Organization: Ucloud Information Technology (hk) Limited

Feed Intelligence Summary

Source reports: 10
Confidence score: 57%
Category tags: active scanning, aerospace & defense, alibaba, amos, android app, android banking, android trojan, apt, asia, atomic macos, atomic macos stealer, brute force, brute_force, c2 communication, c2 server, china-nexus apt, communication technologies, computer security, contact, credential access, credential harvesting, credential stuffing, credential theft, credential_access, cryptocurrency threats, cryptojacking, cyber attacks, cyber news, cyber security news, cyber security updates, cyber updates, data breach, data encryption, data exfiltration, defense, defense contracting, defense logistics, defense systems, defense technology, dmitry kalinin, download file, energy, energy distribution, extortion, finance, ftp, future, github, google drive, gpki, hacker news, hacking news, how to hack, icmp, in the wild, indicator, information security, information technology, infostealer, infrastructure acquisitionreconnaissance, ingress tool transfer, initial access, insikt, insikt group, install, it infrastructure, japan, kalinin, launcher, linux, macos, malicious download, malicious software, malware, malware distribution, manual, markopolo, medusa, military operations, mobile, mobile carriers, mobile networks, mobile security, mopsled, national security, network, network reconnaissance, network scanning, network security, network_reconnaissance, oil & gas, phishing, phishing attack, power generation, power systems, process injection, protocol exploitation, python, ransomware, reconnaissance, recorded future, remote access, remote services, renewable energy, reptile, researched, resource hijacking, rhttpproxy, rootkit, security operations, singapore, social engineering, software development, software vulnerability, soumnibot, south korea, ssh attack, stealc, stealer, supply chain, system disruption, t1003, t1005, t1014, t1021, t1021.001, t1027, t1040, t1041, t1049, t1055, t1059, t1064, t1068, t1071, t1071.001, t1076, t1078, t1095, t1105, t1110, t1110.002, t1134, t1190, t1486, t1490, t1496, t1543, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1587.001, t1590.001, t1595, t1595.001, t1595.002, t1595.003, tacacs, tacacs server, telecom services, telecommunications, telnet threat, the hacker news, threat intelligence, token, twitter, unc3886, upload, vortax, write

Activity Timeline

1 total obs (Jun 7)

Threat Activity Heatmap

Peak: 2026-06-07
[Heatmap: activity by weekday, Jun through Jun; scale from Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 57
Confidence: 57%
Reports: 10
First seen: Jun 24, 2024
Last seen: Jun 7, 2026
Geolocation: JP
Country: Japan
Location: Tokyo, Tokyo
ASN: AS135377
Org: Ucloud Information Technology (hk) Limited
Coords: 35.6887, 139.7450

VirusTotal

Not checked

WHOIS

raw
inetnum: 118.193.61.0 - 118.193.61.255
netname: UCLOUD-JP
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
country: JP
admin-c: UITH2-AP
tech-c: UITH2-AP
abuse-c: AU164-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-UCLOUD-HK
mnt-irt: IRT-UCLOUD-HK
last-modified: 2023-03-09T08:11:18Z
source: APNIC

irt: IRT-UCLOUD-HK
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-07-01
remarks: [email protected] was validated on 2025-07-01
mnt-by: MAINT-UCLOUD-HK
last-modified: 2025-07-01T09:50:40Z
source: APNIC

role: ABUSE UCLOUDHK
country: ZZ
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: AU164-AP
remarks: Generated from irt object IRT-UCLOUD-HK
remarks: [email protected] was validated on 2025-07-01
remarks: [email protected] was validated on 2025-07-01
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-07-01T09:51:21Z
source: APNIC

role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
country: HK
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: UITH2-AP
notify: [email protected]
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-05-16T03:54:14Z
source: APNIC

route: 118.193.61.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED FLAT/RM 603 6/F LAWS COMMERCIAL PLAZA 788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2023-03-10T09:32:00Z
country: JP
source: APNIC
References
https://cloud.google.com/blog/topics/threat-intelligence/uncovering-unc3886-espionage-operations
https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html

IOC Journey

medium
First detected 1 year ago · Last seen 6 days ago
Appeared in 10 threat reports