IOC Radar
IPHighVerifiedSignal 29/100

185.181.230.110

Location
Moldova, Republic ofMoldova, Republic of
Chisinau, Chișinău Municipality
ASN
AS60602
INOVARE
First Seen
Sep 18, 2025
Last Seen
Feb 12, 2026
Sep 18
First Seen
277d ago
Feb 12
Last Seen
130d ago
6
Reports
source reports
29%
Confidence
high
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
29%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

30 techniques

Network Information

CountryMDMoldova, Republic of
RegionChisinau, Chișinău Municipality
ASNAS60602
OrganizationINOVARE

Feed Intelligence Summary

6 reports29% confidence
6
Source reports
29%
Confidence score
Category tags
active scanninganti-analysisapixoraptapt groupapt group: prowlerapt-c-60apt-q-12aptc60asia targetedbackdoorbackdoor deploymentbackdoor loaderc2 channel: githubc2 infrastructurechamd5code executioncommand and controlcommand executioncredential accesscredential harvestingdata exfiltrationdata theftencrypted communicationencryptionevasionevasion techniquesexfiltrationfalse huntergithubgithub c2httpsindicatoringress tool transferkimsukylivemalicious downloadmalicious softwaremalwaremalware distributionmilitary espionagemoldova, republic ofnaksoonetworknetwork probingpayloadpayload deliverypayload obfuscationphishingphishing attackpolitical espionageprocess injectionreconnaissanceremote accessresearchedself-signedsocial engineeringsoftware exploitationstealth soldierstealth techniquesstopextensiont regexpandszt1003t1003.001t1003.003t1027t1041t1055t1059t1059.003t1071t1071.001t1102t1102.002t1105t1133t1199t1203t1486t1538t1547.001t1565t1566t1566.001t1566.002t1566.003t1573t1573.001t1583t1595.001t1595.002t1595.003targeted attackthreat actor groupthreat actor: apt-q-12vhdxvhdx payload

Activity Timeline

1 total obs
Feb 12Feb 12

Threat Activity Heatmap

· Peak: 2026-02-12
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreLow Risk
29
SIGNAL
Signal Score
29%
Confidence
6
Reports
First seenSep 18, 2025
Last seenFeb 12, 2026
Verified IOC
GeolocationMD
CountryMoldova, Republic of
LocationChisinau, Chișinău Municipality
ASNAS60602
OrgINOVARE
Coords47.0042, 28.8574

VirusTotal

Not checked

WHOIS

description
CC=MD ASN=AS60602 inovare-prim srl
raw
inetnum: 185.181.230.0 - 185.181.230.255 netname: MD-INOVARE-20170727 country: MD admin-c: DP13550-RIPE tech-c: DP13550-RIPE geofeed: https://innovahosting.net/geofeed.csv status: ASSIGNED PA mnt-by: INOVARE-MNT created: 2017-07-27T08:35:56Z last-modified: 2024-03-05T08:37:53Z source: RIPE person: Dan Popusoi address: str. Uzinelor 4/2, 3rd floor address: MD-2023 address: Chisinau address: MOLDOVA, REPUBLIC OF phone: +37322011011 nic-hdl: DP13550-RIPE mnt-by: md-inovare-1-mnt created: 2016-12-12T11:40:14Z last-modified: 2021-10-12T05:41:27Z source: RIPE # Filtered route: 185.181.230.0/24 origin: AS60602 mnt-by: INOVARE-MNT created: 2017-07-27T08:36:12Z last-modified: 2017-07-27T08:36:12Z source: RIPE

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 9 months ago · Last seen 4 months ago
Appeared in 6 threat reports