IOC Radar
IPMediumSignal 100/100

122.199.98.82

Location
Korea, Republic ofKorea, Republic of
Gumi, 27
ASN
AS9981
kt HCN Co., Ltd.
First Seen
Nov 20, 2024
Last Seen
May 10, 2026
Nov 20
First Seen
571d ago
May 10
Last Seen
35d ago
13
Reports
source reports
99%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

31 techniques

Network Information

CountryKRKorea, Republic of
RegionGumi, 27
ASNAS9981
Organizationkt HCN Co., Ltd.

Feed Intelligence Summary

13 reports99% confidence
13
Source reports
99%
Confidence score
Category tags
abuseactive scanningaptarmasciiasiaasyncratattackauto-generated securitybase64bitbucketbotnetbotnetdomainbrute forcebrute force attackcoinminercommand and controlcommunication technologiesconnected devicescowriecowrie honeypotcowrie honeypot datacredential accesscredential stuffingctadarkgatedata exfiltrationdbatloaderddos attacksdecoy systemdefault credentialsdevice managementdistributed attacksdlldocdonutelfencodedexegithubglobalguloaderhajimehtaindicatorindustrial iotinfostealeringress tool transferinternet of thingsiot analyticsiot applicationsiot botnetiot platformsiot securityiot/ics attackjpgkorea, republic ofkrlokimalicious activitymalicious softwaremalwaremipsmirai botnetmirai variantmobile carriersmobile networksmozimysqlnetsupportratnetworknetwork probingnetwork scanningnetwork securitynetwork service scanningnginxopendirpassword attacksprocess injectionprotocol exploitationps1purecrypterpythonratreconnaissanceremcos trojanremcosratremote accessremote servicesresearchedrouter exploitationsaint helena, ascension and tristan da cunhascannerscanning activityserversftpsftp attacksftp exploit attemptshellcodeshellcoderunnerslugsmart devicessmoke loadersouth koreaspectersshssh attackssh monitoringstealcstealerstegosurface webt1021t1021.001t1021.002t1021.004t1040t1041t1055t1059.001t1059.003t1068t1071.001t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1486t1496t1497.001t1499.002t1499.003t1550.002t1555.003t1565t1595t1595.001t1595.002t1595.003tcp/23telecom servicestelecommunicationstelnet threatthreat actortrojan malwareunauthorized access attemptvbsvidarvoipvpnfilterweak passwordswebdavxmrigzip

Activity Timeline

1 total obs
May 10May 10

Threat Activity Heatmap

· Peak: 2026-05-10
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
13
Reports
First seenNov 20, 2024
Last seenMay 10, 2026
GeolocationKR
CountryKorea, Republic of
LocationGumi, 27
ASNAS9981
Orgkt HCN Co., Ltd.
Coords35.8723, 128.5924

VirusTotal

Not checked

WHOIS

description
Imported indicator
raw
inetnum: 122.199.64.0 - 122.199.127.255 netname: HCN descr: HYUNDAI COMMUNICATIONS NETWORK country: KR admin-c: IM699-AP tech-c: IM699-AP status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2019-04-29T07:39:58Z source: APNIC irt: IRT-KRNIC-KR address: 9, Jinheung-gil, Naju-si, Jeollanam-do e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2025-04-10T04:49:23Z source: APNIC person: IP Manager address: Seoul Mapo-gu Maebongsan-ro 75 country: KR phone: +82-2-1877-8000 e-mail: [email protected] nic-hdl: IM699-AP mnt-by: MNT-KRNIC-AP last-modified: 2025-02-13T00:54:03Z source: APNIC inetnum: 122.199.64.0 - 122.199.127.255 netname: HCN-KR descr: HYUNDAI COMMUNICATIONS NETWORK country: KR admin-c: IA82-KR tech-c: IM82-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Seoul Mapo-gu Maebongsan-ro 75 address: HCN country: KR phone: +82-2-1877-8000 e-mail: [email protected] nic-hdl: IA82-KR mnt-by: MNT-KRNIC-AP remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Seoul Mapo-gu Maebongsan-ro 75 address: HCN country: KR phone: +82-2-1877-8000 e-mail: [email protected] nic-hdl: IM82-KR mnt-by: MNT-KRNIC-AP remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://github.com/telekom-security/tpotce, https://urlhaus.abuse.ch/browse/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 1 month ago
Appeared in 13 threat reports