IP · Medium · Signal 45/100
18.17.2.44
Location
Cambridge, MA
ASN
AS3
Massachusetts Institute of Technology
First Seen
Apr 9, 2026
Last Seen
Apr 14, 2026
3
Reports
source reports
45%
Confidence
medium
1/91
VirusTotal
detections
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
45%
Signal Score
45 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
United States
Region: Cambridge, MA
ASN: AS3
Organization: Massachusetts Institute of Technology
Feed Intelligence Summary
3 source reports · 45% confidence score
Category tags
active scan, analytics na, ansi, apt, ascii, ascii text, attack, botnet activity, brute force, business internet services, button, chat, click-based attack, close, close log, code execution, code injection, command execution, contact, cookie, credential harvesting, credential stuffing, crlf, crlf line, data exfiltration, data store exposure, defense evasion, edit3icon, error, executable file, exploitation activity, find, gartner, gdlname, get fios, gtmw2vn2cq, guest system, html document, html page, htmldivelement, hybrid, identity & access exploitation, indicator, ingress tool transfer, injection activity, input validation bypass, insert, iot security, java source, json, learn, lf line, local, lte network, mac os, malicious activity, malicious download, malicious links, malicious software, malware, malware distribution, memoryfile scan, metadata analysis, mitre attack, model, network, network info, next, north america, online, overview zenbox, path traversal, phishing, phishing attack, phone services, png image, png multimedia, process injection, processes extra, program, qakbot, ransomware, react, researched, rgba, roboto, rotateccwicon, runtime data, sandbox, saveicon, scroll, shop, shop verizon, shortcutitem, site, small, social engineering, social media security, span, strings, submit, support, t1055, t1055 process, t1059, t1071, t1071.001, t1082, t1095, t1105, t1190, t1204.001, t1204.002, t1486, t1497, t1518, t1560, t1562, t1565, t1566, t1566.001, t1566.002, t1566.003, t1574, tag manager, team, this, threat actor, title, tor node, trojan malware, typeof e, typeof symbol, unicode text, united states, upgrade, user execution, utc amazon, utc aw2761768, utc aw685973, utc bing, utc dc685973, utc dc9849921, utc g12r1dx1lx7, utc google, utf8 text, verdict, verizon, verizon business, verizon business account, verizon business phone, verizon business plan, verizon business service, verizon for business, voice, web application attack, web application exploitation, windir, xicon, zip archive
Activity Timeline
Apr 14
Threat Activity Heatmap
Peak: 2026-04-14
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 45
Confidence: 45%
Reports: 3
First seen: Apr 9, 2026
Last seen: Apr 14, 2026
Geolocation: US
Country: United States
Location: Cambridge, MA
ASN: AS3
Org: Massachusetts Institute of Technology
Coords: 42.3649, -71.0987
WHOIS
- description
- CC=US ASN=AS3 massachusetts institute of technology
IOC Journey
medium · First detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports