IOC Radar
IP · Medium · Signal 71/100

178.94.215.30

Location: Ukraine (Kyiv, 07)
First Seen: Mar 3, 2025 (469d ago)
Last Seen: Feb 9, 2026 (126d ago)
Reports: 7 source reports
Confidence: 71% (medium)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 71%
Signal Score: 71 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

28 techniques

Network Information

Country: UA (Ukraine)
Region: Kyiv, 07
Organization: JSC "Ukrtelecom"

Feed Intelligence Summary

Source reports: 7
Confidence score: 71%
Category tags
amadey; arm; ascii; asyncrat; authentication; authentication attack; backdoor; base64-loader; botnet; botnetdomain; brute force; brute force attack; brute force attempt; c2; censys; cobaltstrike; coinminer; command and control; credential access; credential stuffing; data exfiltration; ddos attacks; decoy system; distributed attacks; dll; elf; encoded; europe; exe; failed authentication; fakecaptcha; gafgyt; hajime; havoc; hijackloader; hta; html; idatloader; indicator; internet of things; iot botnet; iot/ics attack; lnk; login attack; lumma; lummastealer; malicious software; malware; metastealer; meterpreter; mips; mirai botnet; moobot; mozi; network; network intrusion; network security; network service exploitation; network service scanning; north america; opendir; password attacks; process injection; protocol exploitation; ps1; quakbot; rar; redir-302; remote access; researched; rev-base64-loader; rustystealer; saint helena, ascension and tristan da cunha; scr; ssh attack; sshdkit; stealer; systembc; t1021; t1021.004; t1027; t1040; t1055; t1059; t1071; t1071.001; t1078; t1078.004; t1105; t1110; t1110.001; t1110.002; t1110.003; t1110.004; t1133; t1204; t1486; t1496; t1499.002; t1499.003; t1565; t1566; t1589; t1589.002; t1595; t1595.001; tag:captcha; telnet threat; threat intelligence; ukraine; united states; vidar; wsgidav; x86-32; xml-opendir; zip

Activity Timeline

1 total obs (Feb 9)

Threat Activity Heatmap

Peak: 2026-02-09
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: 71 (High Risk)
Signal Score: 71
Confidence: 71%
Reports: 7
First seen: Mar 3, 2025
Last seen: Feb 9, 2026
Geolocation: UA
Country: Ukraine
Location: Kyiv, 07
Org: JSC "Ukrtelecom"
Coords: 51.4360, 24.4472

VirusTotal

Not checked

WHOIS

description: IP addresses associated with URL injected into SSH honeypot
references: https://urlhaus.abuse.ch/browse/

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 7 threat reports