IOC Radar
IP · Medium · Signal 22/100

124.158.174.158

Location: Indonesia (Meral, JK)
ASN: AS9341 (ICON+)
First Seen: Dec 25, 2024 (532d ago)
Last Seen: Apr 7, 2026 (64d ago)
Reports: 6 source reports
Confidence: 22% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 22%
Signal Score: 22 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

32 techniques

Network Information

Country: ID (Indonesia)
Region: Meral, JK
ASN: AS9341
Organization: ICON+

Feed Intelligence Summary

Source reports: 6
Confidence score: 22%
Category tags:
active scan, active scanning, adbhoney honeypot, asia, attack, botnet, botnet activity, brute force, command and control, communication protocol, compromised credentials, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data exfiltration attempts, data store exposure, database security, decoy system, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, exploitation activity, exploitation attempt, exploitation attempts, ftp, heralding attack pattern, http scanner, https, identity & access exploitation, indicator, indonesia, injection activity, injection attacks, iot security, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware deployment attempts, malware detection, network, network intrusion attempts, network scanning, network security, phishing, phishing attack, phishing trap, process injection, protocol exploitation, python script activity, reconnaissance, remote access, remote services, researched, resource hijacking, scanning activity, sentrypeer botnet, sftp access attempt, sftp attack, shell access attempts, sip brute force, social engineering, spam, ssh attack, ssh monitoring, t1021, t1021.001, t1040, t1041, t1046, t1055, t1059, t1059.003, t1071.001, t1076, t1078, t1110, t1110.002, t1133, t1190, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1563, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telecommunications, telnet threat, threat actor, threat intelligence, tor node, voip, voip attack, web traffic

Activity Timeline

1 total obs (Apr 7)

Threat Activity Heatmap

Peak: 2026-04-07
[Heatmap: activity by weekday (Mon, Wed, Fri shown) across months Jun through Jun; scale Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: Low Risk
Signal Score: 22
Confidence: 22%
Reports: 6
First seen: Dec 25, 2024
Last seen: Apr 7, 2026
Geolocation: ID
Country: Indonesia
Location: Meral, JK
ASN: AS9341
Org: ICON+
Coords: -6.1741, 106.8296

VirusTotal

Not checked

WHOIS

description
2025-04-23T11:36:01.591Z Honeypot : Heralding : Source: 124.158.174.158 : Username/Password: adminkd/123123 Port: 1080 Message: 2025-04-23 11:36:01.591845,608c28aa-3521-4a6c-a290-0d8a4b440250,9bdc2654-2b4d-4f2b-b375-23a8063a03b7,124.158.174.158,46075,99.18.26.19,1080,socks5,adminkd,123123,
raw
inetnum: 124.158.160.0 - 124.158.175.255
netname: ICONPLN-ID
descr: PT Indonesia Comnets Plus
descr: Internet Service Provider
descr: JL PLN EHV Desa Gandul Cinere
descr: Depok 16512
country: ID
admin-c: CA48-AP
tech-c: CH274-AP
abuse-c: AI847-AP
status: ALLOCATED PORTABLE
remarks: Send Spam & Abuse report to: [email protected]
mnt-by: MNT-APJII-ID
mnt-lower: MAINT-ID-ICONPLN
mnt-routes: MAINT-ID-ICONPLN
mnt-irt: IRT-ICON-ID
last-modified: 2021-12-22T13:08:42Z
source: APNIC

irt: IRT-ICON-ID
address: PT Indonesia Comnets Plus
address: JL PLN EHV Gandul Cinere
address: Depok 16512
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CA48-AP
tech-c: CH274-AP
auth: # Filtered
remarks: [email protected] is invalid
mnt-by: MAINT-ID-ICONPLN
last-modified: 2022-09-21T02:01:39Z
source: APNIC

role: ABUSE ICONID
address: PT Indonesia Comnets Plus
address: JL PLN EHV Gandul Cinere
address: Depok 16512
country: ZZ
phone: +000000000
e-mail: [email protected]
admin-c: CA48-AP
tech-c: CH274-AP
nic-hdl: AI847-AP
remarks: Generated from irt object IRT-ICON-ID
remarks: [email protected] is invalid
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2022-09-21T02:02:42Z
source: APNIC

person: Comnets Admin
address: PT INDONESIA COMNETS PLUS
address: Jl. EHV Gandul Limo - Depok
country: ID
phone: +62-21-753-2488
fax-no: +62-21-754-1259
e-mail: [email protected]
nic-hdl: CA48-AP
mnt-by: MAINT-ID-ICONPLN
last-modified: 2008-09-04T07:29:20Z
source: APNIC

person: Comnets Hostmaster
address: PT INDONESIA COMNETS PLUS
address: Jl. EHV Gandul Limo - Depok
country: ID
phone: +62-21-753-2488
fax-no: +62-21-754-1259
e-mail: [email protected]
nic-hdl: CH274-AP
mnt-by: MAINT-ID-ICONPLN
last-modified: 2008-09-04T07:29:20Z
source: APNIC

route: 124.158.160.0/20
descr: Route Object for ICON+
descr: PT Indonesia Comnets Plus
descr: Jl PLN EHV Gandul Cinere
descr: Depok 16512
origin: AS9341
mnt-by: MAINT-ID-ICONPLN
last-modified: 2018-09-19T03:39:31Z
source: APNIC

inetnum: 124.158.160.0 - 124.158.175.255
netname: ICONPLN-ID
descr: PT Indonesia Comnets Plus
descr: Internet Service Provider
descr: JL PLN EHV Desa Gandul Cinere
descr: Depok 16512
country: ID
admin-c: CA48-AP
tech-c: CH274-AP
remarks: Send Spam & Abuse report to: [email protected]
mnt-by: MNT-APJII-ID
mnt-irt: IRT-ICON-ID
mnt-lower: MAINT-ID-ICONPLN
status: ALLOCATED PORTABLE
last-modified: 2018-08-23T18:08:37Z
mnt-routes: MAINT-ID-ICONPLN
source: IDNIC

irt: IRT-ICON-ID
address: PT Indonesia Comnets Plus
address: JL PLN EHV Gandul Cinere
address: Depok 16512
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CA48-AP
tech-c: CH274-AP
auth: # Filtered
mnt-by: MAINT-ID-ICONPLN
last-modified: 2011-03-07T08:55:21Z
source: IDNIC

person: Comnets Admin
address: PT INDONESIA COMNETS PLUS
address: Jl. EHV Gandul Limo - Depok
country: ID
phone: +62-21-753-2488
fax-no: +62-21-754-1259
e-mail: [email protected]
nic-hdl: CA48-AP
mnt-by: MAINT-ID-ICONPLN
last-modified: 2008-09-04T07:29:20Z
source: IDNIC

person: Comnets Hostmaster
address: PT INDONESIA COMNETS PLUS
address: Jl. EHV Gandul Limo - Depok
country: ID
phone: +62-21-753-2488
fax-no: +62-21-754-1259
e-mail: [email protected]
nic-hdl: CH274-AP
mnt-by: MAINT-ID-ICONPLN
last-modified: 2008-09-04T07:29:20Z
source: IDNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 6 threat reports