IOC Radar
IPMediumSignal 42/100

178.210.51.78

Location
Russian FederationRussian Federation
Voronezh, VOR
ASN
AS43727
JSC KVANT-TELEKOM
First Seen
Dec 6, 2020
Last Seen
Jun 7, 2026
Dec 6
First Seen
2013d ago
Jun 7
Last Seen
3d ago
10
Reports
source reports
42%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
42%
Signal Score
42 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

39 techniques

Network Information

CountryRURussian Federation
RegionVoronezh, VOR
ASNAS43727
OrganizationJSC KVANT-TELEKOM

Feed Intelligence Summary

10 reports42% confidence
10
Source reports
42%
Confidence score
Category tags
access controlactive scanactive scanningattackaustraliabad reputationblacklist candidatebotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptsbrute-forcecommand and controlcommand executioncommand injectioncommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata encryptiondata exfiltrationdata store exposuredatabase securityddosddos attacksdecoy systemdhcpdionaeadionaea honeypotdistributed attacksdnsdns attackelasticsearchencryptioneurope/asiaexploitexploit attemptsexploitation activityexploited hostfattftpftp brute forcehackinghoneytrap honeypothttp brute forcehttp scannerhttp scanningidentity & access exploitationimapindicatorinformation gatheringinitial accessinjection activityinternet of thingsintrusion detectioniociot botnetiot securityiot/ics attacklateral movementldapmailoney honeypotmalicious activitymalicious ipmalicious softwaremalwaremalware behaviourmalware capturemalware distributionmiraimirai botnetmssqlmssql brute forcenetworknetwork attacksnetwork intrusionnetwork intrusion attemptsnetwork monitoringnetwork probenetwork probingnetwork protocolnetwork scannetwork scanningnetwork securityntpoceaniaoraclep0fpassword attacksphishingphishing attackphishing trappostgresprocess injectionprotocol exploitationreconnaissanceredisremote accessremote servicesresearchedresource hijackingrurussiarussian federationscanscannersecurity operationssecurity policysensor-taggedsentrypeer botnetserver exploitationsmbsmb brute forcesmtpsnmpsocial engineeringsocks5sql injectionsshssh attackssh monitoringt1021t1021.001t1021.002t1040t1046t1055t1059t1059.003t1059.005t1068t1071t1071.001t1077t1078t1105t1110t1110.001t1110.002t1110.003t1110.004t1190t1210t1486t1496t1499.001t1499.002t1499.003t1505.002t1505.004t1550.003t1562t1565t1566.001t1566.002t1566.003t1595t1595.001t1595.002t1595.003tannertargeting databasetcptcp protocoltelecommunicationstelnettelnet threatthreat actorthreat detectionthreat intelligencethreat preventiontor nodetpotvncvnc protocolvoipvoip attackweb traffic

Activity Timeline

1 total obs
Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
42
SIGNAL
Signal Score
42%
Confidence
10
Reports
First seenDec 6, 2020
Last seenJun 7, 2026
GeolocationRU
CountryRussian Federation
LocationVoronezh, VOR
ASNAS43727
OrgJSC KVANT-TELEKOM
Coords51.6664, 39.1700

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 178.210.48.0 - 178.210.55.255 netname: SVYAZ-TELECOM-RU descr: KVANT-TELECOM descr: Voronezh country: RU admin-c: SUB8-RIPE tech-c: OYG1-RIPE status: ASSIGNED PA mnt-by: K-T-MNT mnt-routes: K-T-MNT mnt-domains: K-T-MNT mnt-lower: K-T-MNT created: 2011-01-18T07:08:48Z last-modified: 2016-06-09T12:47:43Z source: RIPE person: Oleg Yuryevich Gnedyh address: 22 Eremeeva str., address: Voronezh, Russia phone: +74732330330 nic-hdl: OYG1-RIPE mnt-by: K-T-MNT created: 2007-09-16T14:36:00Z last-modified: 2018-03-28T11:49:27Z source: RIPE person: S U B address: Nikitinskaya str., address: Voronezh, Russia phone: +7 4732 531133 nic-hdl: SUB8-RIPE mnt-by: ARTN-MNT created: 2009-04-05T11:11:28Z last-modified: 2018-05-30T07:31:16Z source: RIPE route: 178.210.51.0/24 descr: KVANT-TELECOM-VRN origin: AS43727 mnt-by: K-T-MNT created: 2014-07-01T10:32:58Z last-modified: 2014-07-01T10:32:58Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 3 days ago
Appeared in 10 threat reports