IOC Radar
IPMediumSignal 23/100

123.19.11.204

Location
VietnamVietnam
Da Nang, SG
ASN
AS45899
Vietnam Posts and Telecommunications Group
First Seen
Feb 12, 2025
Last Seen
Apr 5, 2026
Feb 12
First Seen
486d ago
Apr 5
Last Seen
69d ago
7
Reports
source reports
23%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
23%
Signal Score
23 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

33 techniques

Network Information

CountryVNVietnam
RegionDa Nang, SG
ASNAS45899
OrganizationVietnam Posts and Telecommunications Group

Feed Intelligence Summary

7 reports23% confidence
7
Source reports
23%
Confidence score
Category tags
active scanactive scanningadbhoney attacksadbhoney honeypotasiaattackbotnetbotnet activitybrute forcebrute force attackcommand and controlcommunication protocolcompromised credentialscowrie honeypotcowrie ssh attackscredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase securitydecoy systemdionaea honeypotdionaea malware analysisdionaea malware collectiondistributed attackselasticpot honeypotelasticsearch monitoringexploitation activityftp brute forceheralding attack patternidentity & access exploitationindicatorinjection activityiot securitylateral movementmailoney email attacksmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturenetworknetwork scanningnetwork securitypassword attacksphishingphishing attackphishing trapprocess injectionpython script activityreconnaissanceresearchedresource hijackingsentrypeer botnetsftp attacksocial engineeringspamssh attackssh monitoringt1021t1021.002t1040t1041t1046t1055t1059t1059.004t1071.001t1078t1110t1110.001t1110.002t1110.003t1110.004t1190t1195.001t1204.002t1486t1496t1499.001t1499.002t1499.003t1565t1566.001t1566.002t1566.003t1566.004t1583.001t1595t1595.001t1595.002t1595.003tannertanner web attackstargeting databasetelecommunicationsthreat actorthreat intelligencetor nodeviet namvietnamvnvoipvoip attack

Activity Timeline

1 total obs
Apr 5Apr 5

Threat Activity Heatmap

· Peak: 2026-04-05
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreLow Risk
23
SIGNAL
Signal Score
23%
Confidence
7
Reports
First seenFeb 12, 2025
Last seenApr 5, 2026
GeolocationVN
CountryVietnam
LocationDa Nang, SG
ASNAS45899
OrgVietnam Posts and Telecommunications Group
Coords10.8326, 106.6581

VirusTotal

Not checked

WHOIS

description
2025-03-05T13:43:38.577Z Honeypot : Heralding : Source: 123.19.11.204 : Username/Password: ADMIN/hosting1 Port: 1080 Message: 2025-03-05 13:43:38.577532,6471e135-6312-4aef-a6f5-84e142e87c76,da6f3edd-fbbe-4398-a1c9-c1eec00ad880,123.19.11.204,60379,99.18.26.21,1080,socks5,ADMIN,hosting1,
raw
inetnum: 123.16.0.0 - 123.31.255.255 netname: VNPT-VN descr: Vietnam Posts and Telecommunications Group descr: No 57, Huynh Thuc Khang Street, Lang Ha ward, Dong Da district, Ha Noi City country: VN admin-c: PTH13-AP tech-c: PTH13-AP status: ALLOCATED PORTABLE mnt-by: MAINT-VN-VNNIC mnt-lower: MAINT-VN-VNPT mnt-routes: MAINT-VN-VNPT last-modified: 2018-01-25T03:55:17Z mnt-irt: IRT-VNNIC-AP source: APNIC irt: IRT-VNNIC-AP address: Ha Noi, VietNam phone: +84-24-35564944 fax-no: +84-24-37821462 e-mail: [email protected] abuse-mailbox: [email protected] admin-c: NTTT1-AP tech-c: NTTT1-AP auth: # Filtered mnt-by: MAINT-VN-VNNIC last-modified: 2017-11-08T09:40:06Z source: APNIC person: Pham Tien Huy address: VNPT-VN country: VN phone: +84-24-37741604 e-mail: [email protected] nic-hdl: PTH13-AP mnt-by: MAINT-VN-VNPT last-modified: 2017-11-19T07:06:20Z source: APNIC route: 123.19.0.0/20 descr: VietNam Post and Telecom Corporation (VNPT) descr: VNPT-AS-AP country: VN origin: AS45899 remarks: mailto: [email protected] notify: [email protected] mnt-by: MAINT-VN-VNPT last-modified: 2010-08-10T08:20:13Z source: APNIC route: 123.19.0.0/20 descr: VietNam Post and Telecom Corporation (VNPT) descr: VNPT-AS-AP country: VN origin: AS7643 remarks: mailto: [email protected]<javascript:parent.addSender(%22%[email protected]%22)> notify: [email protected] mnt-by: MAINT-VN-VNPT last-modified: 2010-01-19T01:25:56Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 7 threat reports