IOC Radar
IPMediumSignal 27/100

190.186.39.2

Location
Bolivia, Plurinational State ofBolivia, Plurinational State of
Santa Cruz de la Sierra, S
ASN
AS25620
Marcelo Velarde
First Seen
Aug 30, 2020
Last Seen
Apr 6, 2026
Aug 30
First Seen
2110d ago
Apr 6
Last Seen
65d ago
8
Reports
source reports
27%
Confidence
medium
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Network Information

CountryBOBolivia, Plurinational State of
RegionSanta Cruz de la Sierra, S
ASNAS25620
OrganizationMarcelo Velarde

Feed Intelligence Summary

8 reports27% confidence
8
Source reports
27%
Confidence score
Category tags
abuseaccess controlactive scanactive scanningatif feedattackauto-generated securitybad reputationbanlist feedbinary defenseblacklist candidatebobolivia, plurinational state ofbotnetbotnet activitybrute forcecommand and controlcommunication protocolcredential harvestingcredential stuffingdata encryptiondata exfiltrationdata store exposureddosddos attacksdecoy systemdistributed attacksencryptionexploitation activityidentity & access exploitationindicatorinfrastructure acquisitionreconnaissanceinjection activityinternet of thingsintrusion detectioniot botnetiot securityiot/ics attacklateral movementmalicious activitymalicious softwaremalwaremanualmirai botnetnetworknetwork attacksnetwork probenetwork probingnetwork protocolnetwork scannetwork scanningnetwork securityphishingphishing attackprocess injectionreconnaissanceresearchedscanscannersecurity policysocial engineeringt1021.002t1040t1046t1055t1068t1071.001t1077t1105t1210t1486t1496t1499.001t1499.002t1499.003t1550.003t1562t1565t1566.001t1566.002t1566.003t1587.001t1590.001t1595.001t1595.002t1595.003tcp protocolthreat actorthreat intelligencethreat preventiontor node

Activity Timeline

1 total obs
Apr 6Apr 6

Threat Activity Heatmap

· Peak: 2026-04-06
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

The IPv4 address `190.186.39.2` has been identified as a critical Indicator of Compromise, posing a significant risk to organizational security. Its presence suggests potential involvement in malicious activities such as network scanning, unauthorized access attempts via SMB shares, and command and control communications using the `novidade.ek` protocol. Unaddressed, this IOC could facilitate severe impacts including denial of service attacks, data encryption for ransomware purposes, and the hij…

Threat ScoreLow Risk
27
SIGNAL
Signal Score
27%
Confidence
8
Reports
First seenAug 30, 2020
Last seenApr 6, 2026
GeolocationBO
CountryBolivia, Plurinational State of
LocationSanta Cruz de la Sierra, S
ASNAS25620
OrgMarcelo Velarde
Coords-17.8002, -63.1656

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
Socket not responding: [Errno 111] Connection refused
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://blocklist.greensnow.co/greensnow.txt, https://www.binarydefense.com/banlist.txt, https://lists.blocklist.de/lists/all.txt, https://rules.emergingthreats.net/blockrules/compromised-ips.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 2 months ago
Appeared in 8 threat reports