IOC Radar
IP · Medium · Signal 95/100

175.100.104.134

Location: Cambodia (Phnom Penh, Pailin)
ASN: AS38623, Viettel (cambodia) Pte., Ltd.
First Seen: Aug 26, 2023 (1020d ago)
Last Seen: Feb 9, 2026 (122d ago)
Reports: 20 source reports
Confidence: 95% (medium)
Found in 20 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 95%
Signal Score: 95 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

36 techniques

Network Information

Country: KH, Cambodia
Region: Phnom Penh, Pailin
ASN: AS38623
Organization: Viettel (cambodia) Pte., Ltd.

Feed Intelligence Summary

20 source reports · 95% confidence score
Category tags
access control, account compromise, active scanning, adbhoney honeypot, attack, botnet, botnet activity detected, brute force, brute force attack, c2, c2 communication, cambodia, cisco device, cloud infrastructure, cloud infrastructure attack, cloud services, command and control, communication protocol, compromised credentials, compromised host, compromised hosts, cowrie honeypot, cowrie interactions, credential access, credential harvesting, credential stuffing, data encryption, data exfiltration, database security, ddos, ddos attacks, ddos preparation, decoy system, device management, dionaea honeypot, dionaea interactions, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, heralding attack pattern, honeytrap honeypot, imap, imap attack, indicator, internet of things, intrusion detection, iot botnet, iot/ics attack, lamp, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware distribution, mirai botnet, mssql, network, network attacks, network infrastructure, network intrusion attempts, network protocol, network scanning, network security, network traffic analysis, password attacks, phishing, phishing attack, phishing trap, process injection, python script activity, rat, reconnaissance, researched, resource hijacking, scan, scanner, security policy, sentrypeer botnet, sftp attack, smtp, smtp attacker, social engineering, spam, ssh attack, ssh monitoring, t1016.001, t1021, t1021.002, t1040, t1041, t1046, t1055, t1059, t1071, t1071.001, t1077, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1573, t1573.001, t1595, t1595.001, t1595.002, t1595.003, tanner, tcp protocol, telecommunications, threat actor, threat detection, threat intelligence, threat prevention, voip, voip attack

Activity Timeline

1 total obs
Feb 9 - Feb 9

Threat Activity Heatmap

Peak: 2026-02-09
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: High Risk (Signal Score 95)
Coords: 12.8490, 102.6093

VirusTotal

Not checked

WHOIS

description
2025-04-23T17:10:04.127Z Honeypot : Heralding : Source: 175.100.104.134 : Username/Password: adminTigo/1234567 Port: 1080 Message: 2025-04-23 17:10:04.127768,7025a02d-3cff-4c6f-95f9-48b639807b9c,706dc2f6-9e9a-4b0f-81ad-7597bf3b7db8,175.100.104.134,54394,99.18.26.19,1080,socks5,adminTigo,1234567,
references
https://github.com/telekom-security/tpotce, https://jamesbrine.com.au/vultrparis-mssql-bruteforce-ip-list-2023-12-13/, https://jamesbrine.com.au

IOC Journey

medium
First detected 2 years ago · Last seen 4 months ago
Appeared in 20 threat reports