IOC Radar
IPMediumSignal 39/100

124.0.1.50

Location
Korea, Republic ofKorea, Republic of
Seoul, Seoul
ASN
AS9644
SK Telecom
First Seen
Sep 20, 2023
Last Seen
Jun 7, 2026
Sep 20
First Seen
995d ago
Jun 7
Last Seen
3d ago
7
Reports
source reports
39%
Confidence
medium
2/91
VirusTotal
detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
39%
Signal Score
39 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

29 techniques

Network Information

CountryKRKorea, Republic of
RegionSeoul, Seoul
ASNAS9644
OrganizationSK Telecom

Feed Intelligence Summary

7 reports39% confidence
7
Source reports
39%
Confidence score
Category tags
access controlactive scanactive scanningasiaattackaustraliablacklist candidatebotnetbotnet activitybrute forcebrute force attackbrute force attemptscommand and controlcommunication protocolcowrie honeypotcowrie interactionscredential accesscredential stuffingdata encryptiondata exfiltrationdata store exposureddosddos attacksdecoy systemdionaea honeypotdionaea interactionsdistributed attacksencryptionexploitation activityexploited hostfattfatt signaturesftp brute forcehackinghoneytrap honeypothoneytrap interactionshttp probingidentity & access exploitationindicatorinjection activityinternet of thingsintrusion detectioniot botnetiot securityiot/ics attackkorea (the republic of)korea, republic ofkrlateral movementmailoney honeypotmailoney interactionsmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemirai botnetnetworknetwork attacksnetwork intrusion detectionnetwork probenetwork probingnetwork protocolnetwork scannetwork scanningnetwork securityoceaniap0fp0f signaturespassword attacksphishingphishing attackphishing trapprocess injectionprotocol exploitationreconnaissanceresearchedresource hijackingscanscannersecurity policysensor-taggedsentrypeer botnetsentrypeer interactionssmtp probingsouth koreassh attackssh monitoringsuricata alertst1021.002t1040t1046t1055t1059t1068t1071.001t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1210t1486t1496t1499.001t1499.002t1499.003t1550.003t1562t1565t1595t1595.001t1595.002t1595.003tannertanner interactionstcp protocoltelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotvoip attack

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
39
SIGNAL
Signal Score
39%
Confidence
7
Reports
First seenSep 20, 2023
Last seenJun 7, 2026
GeolocationKR
CountryKorea, Republic of
LocationSeoul, Seoul
ASNAS9644
OrgSK Telecom
Coords37.5112, 126.9741

VirusTotal

2/ 91vendors flagged
2% detection rateJun 8, 2026

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 124.0.0.0 - 124.1.255.255 netname: SK-TELECOM-NET descr: SK Telecom admin-c: IM687-AP tech-c: IM687-AP country: KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR last-modified: 2017-02-02T06:03:36Z source: APNIC irt: IRT-KRNIC-KR address: 9, Jinheung-gil, Naju-si, Jeollanam-do e-mail: [email protected] abuse-mailbox: [email protected] admin-c: IM574-AP tech-c: IM574-AP auth: # Filtered remarks: [email protected] was validated on 2020-04-09 mnt-by: MNT-KRNIC-AP last-modified: 2025-04-10T04:49:23Z source: APNIC person: IP Manager address: Seoul Jung-gu Eulji-ro 65 country: KR phone: +82-2-1599-0011 e-mail: [email protected] nic-hdl: IM687-AP mnt-by: MNT-KRNIC-AP last-modified: 2017-10-10T00:50:38Z source: APNIC inetnum: 124.0.0.0 - 124.1.255.255 netname: SK-TELECOM-NET-KR descr: SK Telecom country: KR admin-c: IA110-KR tech-c: IA110-KR status: ALLOCATED PORTABLE mnt-by: MNT-KRNIC-AP mnt-irt: IRT-KRNIC-KR changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC person: IP Manager address: Seoul Jung-gu Eulji-ro 65 address: T tower country: KR phone: +82-2-1599-0011 e-mail: [email protected] nic-hdl: IA110-KR mnt-by: MNT-KRNIC-AP changed: [email protected] 20240912 remarks: This information has been partially mirrored by APNIC from remarks: KRNIC. To obtain more specific information, please use the remarks: KRNIC whois server at whois.kisa.or.kr. source: KRNIC

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 3 days ago
Appeared in 7 threat reports