IP · Medium · Signal 87/100
189.1.244.197
Location
Hong Kong, Central and Western District
ASN
AS136907
Huawei Cloud
First Seen
Mar 31, 2025
Last Seen
Feb 14, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
87%
Signal Score
87 / 100
IDS Rule
No
Network Information
Country
Brazil
Region
Hong Kong, Central and Western District
ASN
AS136907
Organization
Huawei Cloud
Category tags
abuse, agent tesla, api contact, apt, asia, beacon, beaconing activity, botnet, brazil, c2, c2 communication, cobalt, cobalt strike, cobaltstrike, command and control, compromised system, credential harvesting, data encryption, data exfiltration, distributed attacks, extortion, feed, find, hong kong, indicator, indicators of compromise, infrastructure acquisitionreconnaissance, ioc, iocs, lateral movement, linkedin page, malicious software, malware, malware distribution, manual, nanocore rat, network, network traffic analysis, payload delivery, phishing attack, post-exploitation activity, process injection, protect, ransomware, ransomware feed, remote access trojan, researched, security operations, sentinel misp, shodan, social engineering, south america, strong, system disruption, t1005, t1016, t1021, t1027, t1041, t1047, t1049, t1053, t1055, t1059, t1059.001, t1068, t1071, t1071.001, t1083, t1095, t1105, t1129, t1134, t1486, t1490, t1496, t1499.002, t1499.003, t1543, t1565, t1566, t1566.001, t1566.002, t1566.003, t1569.002, t1574, t1587.001, t1590.001, threat actor, threat feed, threat intelligence
Activity Timeline
Feb 14
Threat Activity Heatmap
Peak: 2026-02-14
24h: 0, Dormant
7d: 0, Dormant
30d: 0, Dormant
3mo: 0, Dormant
Threat Score
High Risk
87
Geolocation
BR
Coords
-22.8305, -43.2192
VirusTotal
Not checked
WHOIS
- description
- CC=BR ASN=AS28583 ruralweb telecomunicaes ltda
- raw
- inetnum: 189.1.224.0 - 189.1.255.255
  netname: Huawei-Cloud-HK
  descr: Huawei-Cloud-HK
  country: HK
  admin-c: HIPL7-AP
  tech-c: HIPL7-AP
  abuse-c: AH905-AP
  status: ALLOCATED NON-PORTABLE
  mnt-by: MAINT-HIPL-SG
  mnt-irt: IRT-HIPL-SG
  last-modified: 2024-08-13T10:04:00Z
  geofeed: https://res-static.hc-cdn.cn/cloudbu-site/china/zh-cn/IP-location/google-geo-feed.csv
  source: APNIC

  irt: IRT-HIPL-SG
  address: 15A Changi Business Park Central 1 Eightrium # 03-03/04, Singapore 486035
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: HIPL4-AP
  tech-c: HIPL4-AP
  auth: # Filtered
  remarks: [email protected]
  remarks: [email protected] was validated on 2025-06-30
  mnt-by: MAINT-HIPL-SG
  last-modified: 2025-06-30T08:14:45Z
  source: APNIC

  role: ABUSE HIPLSG
  country: ZZ
  address: 15A Changi Business Park Central 1 Eightrium # 03-03/04, Singapore 486035
  phone: +000000000
  e-mail: [email protected]
  admin-c: HIPL4-AP
  tech-c: HIPL4-AP
  nic-hdl: AH905-AP
  remarks: Generated from irt object IRT-HIPL-SG
  remarks: [email protected] was validated on 2025-06-30
  abuse-mailbox: [email protected]
  mnt-by: APNIC-ABUSE
  last-modified: 2025-06-30T08:15:08Z
  source: APNIC

  role: HUAWEI INTERNATIONAL PTE LTD administrator
  address: 15A Changi Business Park Central 1 Eightrium #03-03/04, Singapore 486035
  country: SG
  phone: +8618730601505
  e-mail: [email protected]
  admin-c: HIPL7-AP
  tech-c: HIPL7-AP
  nic-hdl: HIPL7-AP
  notify: [email protected]
  mnt-by: MAINT-HIPL-SG
  last-modified: 2021-06-04T07:42:42Z
  source: APNIC

  route: 189.1.244.0/24
  country: HK
  origin: AS136907
  descr: HUAWEI INTERNATIONAL PTE. LTD. 15A Changi Business Park Central 1 Eightrium #03-03/04
  mnt-by: MAINT-HIPL-SG
  last-modified: 2025-01-26T07:52:12Z
  source: APNIC
- references
- https://precisionsec.com/threat-intelligence-feeds/cobaltstrike/, https://threatfox.abuse.ch/export/csv/recent/
IOC Journey
Medium · First detected 1 year ago · Last seen 4 months ago
Appeared in 9 threat reports