IOC Radar
IPMediumSignal 65/100

191.243.36.166

Location
BrazilBrazil
Mafra, PR
ASN
AS263492
Vipmax Internet Ltda
First Seen
Dec 12, 2025
Last Seen
May 28, 2026
Dec 12
First Seen
186d ago
May 28
Last Seen
20d ago
10
Reports
source reports
65%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
65%
Signal Score
65 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

7 techniques

Network Information

CountryBRBrazil
RegionMafra, PR
ASNAS263492
OrganizationVipmax Internet Ltda

Feed Intelligence Summary

10 reports65% confidence
10
Source reports
65%
Confidence score
Category tags
active scanactive scanningaptbad reputationbad web botbotnet activitybrbrazilbrute forcebrute force attackcredential accesscredential stuffingddosddos attackexploitation activityhttpidentity & access exploitationimageimapimap attackindicatormalicious ipnetworkpassword attacksrangereconnaissanceresearchedscannersmtpsmtp attackersouth americassh attackt1110.001t1110.002t1110.003t1110.004t1595.001t1595.002t1595.003tcpthreat actortor node

Activity Timeline

1 total obs
May 28May 28

Threat Activity Heatmap

· Peak: 2026-05-28
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreMedium Risk
65
SIGNAL
Signal Score
65%
Confidence
10
Reports
First seenDec 12, 2025
Last seenMay 28, 2026
GeolocationBR
CountryBrazil
LocationMafra, PR
ASNAS263492
OrgVipmax Internet Ltda
Coords-26.0900, -49.7158

VirusTotal

Not checked

WHOIS

description
The following is the full list of names given to Vye32GsS2g38eKhmaKrLdDjgrnf2YBT4/FGx8SNCa4txePA
raw
% Copyright (c) Nic.br - Use of this data is governed by the Use and inetnum: 191.243.36.0/22 aut-num: AS263492 abuse-c: VIINT9 owner: VIPMAX INTERNET LTDA ownerid: 10.849.283/0001-02 responsible: VIPMAXX COMPUTADORES country: BR owner-c: VIINT9 tech-c: VIINT9 inetrev: 191.243.36.0/24 nserver: ns1.maxriomafra.net.br nsstat: 20260411 AA nslastaa: 20260411 nserver: ns2.maxriomafra.net.br nsstat: 20260411 AA nslastaa: 20260411 created: 20131223 changed: 20140121 nic-hdl-br: VIINT9 person: Vipmaxx Internet e-mail: [email protected] country: BR created: 20120126 changed: 20200308
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 6 months ago · Last seen 20 days ago
Appeared in 10 threat reports