IOC Radar
IP · Medium · Signal 63/100

185.244.152.240

Location: Iraq (Erbil, AR)
ASN: AS206206 (kurdistan)
First Seen: Aug 21, 2025 (298d ago)
Last Seen: Apr 28, 2026 (47d ago)
Reports: 10 source reports
Confidence: 63% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 63%
Signal Score: 63 / 100
IDS Rule: No

Threat Context

MITRE ATT&CK TTPs: 10 techniques

Network Information

Country: IQ, Iraq
Region: Erbil, AR
ASN: AS206206
Organization: kurdistan

Feed Intelligence Summary

Source reports: 10
Confidence score: 63%
Category tags: active scan, active scanning, apt, asia, bad web bot, botnet activity, brute force, brute force attack, credential access, credential stuffing, ddos, ddos attack, denial of service, exploitation activity, identity & access exploitation, imap, imap attack, indicator, iq, iraq, network, password attacks, reconnaissance, researched, scanner, smtp, smtp attacker, ssh attack, t1110.001, t1110.002, t1110.003, t1110.004, t1190, t1203, t1499.001, t1595.001, t1595.002, t1595.003, threat actor, tor node, web app attack, web application attack, web exploitation

Activity Timeline

1 total obs (Apr 28 to Apr 28)

Threat Activity Heatmap

Peak: 2026-04-28
[Heatmap: activity by weekday (Mon, Wed, Fri) and month, Jun through Jun; scale Less to More]

Activity by window
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Threat Score: 63 (Medium Risk)

Geolocation
Country: IQ, Iraq
Location: Erbil, AR
ASN: AS206206
Org: kurdistan
Coords: 36.1828, 44.0105

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
inetnum: 185.244.152.0 - 185.244.153.255
geoloc: 36.192153 43.953515
netname: kurdistan-net-subnet-29
country: IQ
admin-c: AR35110-RIPE
tech-c: AR35110-RIPE
status: ASSIGNED PA
mnt-by: newroztelecom-mnt
mnt-by: K-NET
mnt-by: newroztelecom-routemnt
mnt-by: iq-exabyt-1-mnt
mnt-by: K-Net-Telecom-MNT
created: 2020-03-26T17:20:41Z
last-modified: 2020-04-02T07:43:23Z
source: RIPE

person: Admin RIPE
address: 32 Park
address: 44000
address: Erbil
address: IRAQ
phone: +96466186
nic-hdl: AR35110-RIPE
mnt-by: K-NET
created: 2016-01-28T09:18:42Z
last-modified: 2018-02-27T11:52:33Z
source: RIPE

route: 185.244.152.0/24
origin: AS206206
mnt-by: K-NET
mnt-by: K-Net-Telecom-MNT
created: 2024-02-14T11:01:04Z
last-modified: 2024-02-14T11:01:04Z
source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

IOC Journey

medium
First detected 9 months ago · Last seen 1 month ago
Appeared in 10 threat reports