IOC Radar
IPMediumSignal 94/100

119.184.31.46

Location
ChinaChina
Jinan, Shandong
ASN
AS4837
CNC Group CHINA169 Shandong Province Network
First Seen
Feb 16, 2025
Last Seen
Feb 12, 2026
Feb 16
First Seen
483d ago
Feb 12
Last Seen
122d ago
10
Reports
source reports
94%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
94%
Signal Score
94 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryCNChina
RegionJinan, Shandong
ASNAS4837
OrganizationCNC Group CHINA169 Shandong Province Network

Feed Intelligence Summary

10 reports94% confidence
10
Source reports
94%
Confidence score
Category tags
abuseahmythapkarmasiaasyncratbackdoorbitbucketbotnetbotnetdomainc2censyschinacncobaltstrikecoinminercommand and controlcommunication protocolcredential harvestingctadata encryptiondata exfiltrationddos attacksdistributed attacksdlldropped-by-amadeyelfexeexploitextortionftpgafgythajimehavochijackloaderhttp scannerindicatoringress tool transferinternet of thingsiot botnetiot/ics attackjava-bytecodekaijil3monloaderlummastealermachomalicious executable downloadmalicious file downloadmalicious softwaremalwaremeduzastealermeterpretermipsmirai botnetmozimultiratnetworkopendirparaguaypayloadpdfphishing attackpinkpossible malware infectionprocess injectionps1qbotransomwareratredlinestealerremote accessresearchedsaint helena, ascension and tristan da cunhashellcodesliversmoke loadersocial engineeringsshdkitstealcsystem disruptionsystembct1005t1027t1041t1055t1059t1071t1071.001t1078t1105t1133t1189t1190t1204t1204.002t1486t1490t1496t1499.002t1499.003t1547t1565t1566t1566.001t1566.002t1566.003t1583t1584t1588t1588.002t1608tftptrojan malwareua-wgetvidarweb trafficwsgidavxmrigxorbotzip

Activity Timeline

1 total obs
Feb 12Feb 12

Threat Activity Heatmap

· Peak: 2026-02-12
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
94
SIGNAL
Signal Score
94%
Confidence
10
Reports
First seenFeb 16, 2025
Last seenFeb 12, 2026
GeolocationCN
CountryChina
LocationJinan, Shandong
ASNAS4837
OrgCNC Group CHINA169 Shandong Province Network
Coords34.7732, 113.7220

VirusTotal

Not checked

WHOIS

raw
inetnum: 119.176.0.0 - 119.191.255.255 netname: UNICOM-SD descr: China Unicom Shandong Province Network descr: China Unicom country: CN admin-c: CH1302-AP tech-c: XZ14-AP abuse-c: AC1718-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CNCGROUP mnt-lower: MAINT-CNCGROUP-SD mnt-routes: MAINT-CNCGROUP-RR mnt-irt: IRT-CU-CN last-modified: 2025-01-22T13:14:10Z source: APNIC irt: IRT-CU-CN address: No.21,Financial Street address: Beijing,100033 address: P.R.China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP auth: # Filtered remarks: [email protected] is invalid mnt-by: MAINT-CNCGROUP last-modified: 2025-09-10T13:07:04Z source: APNIC role: ABUSE CUCN country: ZZ address: No.21,Financial Street address: Beijing,100033 address: P.R.China phone: +000000000 e-mail: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP nic-hdl: AC1718-AP remarks: Generated from irt object IRT-CU-CN remarks: [email protected] is invalid abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-09-10T13:08:11Z source: APNIC person: ChinaUnicom Hostmaster nic-hdl: CH1302-AP e-mail: [email protected] address: No.21,Jin-Rong Street address: Beijing,100033 address: P.R.China phone: +86-10-66259764 fax-no: +86-10-66259764 country: CN mnt-by: MAINT-CNCGROUP last-modified: 2017-08-17T06:13:16Z source: APNIC person: XIAOFENG ZHANG nic-hdl: XZ14-AP e-mail: [email protected] address: Jinan,Shandong P.R China phone: +86-531-6666666 fax-no: +86-531-6666666 country: CN mnt-by: MAINT-ZXF last-modified: 2008-09-04T07:29:35Z source: APNIC route: 119.176.0.0/12 descr: CNC Group CHINA169 Shandong Province Network country: CN origin: AS4837 mnt-by: MAINT-CNCGROUP-RR last-modified: 2008-09-04T07:55:14Z source: APNIC
references
https://urlhaus.abuse.ch/browse/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 10 threat reports