IOC Radar
IP · Medium · Signal 63/100

192.140.225.33

Location: Teluknaga, Banten, Indonesia
ASN: AS56233 (PT Asia Teknologi Solusi)
First Seen: Jan 14, 2025 (513d ago)
Last Seen: Apr 8, 2026 (65d ago)
Reports: 11 source reports
Confidence: 63% (medium)
Found in 11 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 63%
Signal Score: 63 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

50 techniques

Network Information

Country: ID (Indonesia)
Region: Teluknaga, Banten
ASN: AS56233
Organization: PT Asia Teknologi Solusi

Feed Intelligence Summary

11 source reports · 63% confidence score
Category tags
active scan; active scanning; apt; ascii; asia; asyncrat; attack; backdoor; bash; botnet; botnet activity; botnetdomain; brute force; c2 communication; censys; cobaltstrike; coinminer; command & control; command and control; credential access; credential harvesting; credential stuffing; cryptocurrency; data encryption; data exfiltration; data store exposure; data theft; dbatloader; dcrat; ddos; ddos attacks; distributed attacks; dropped-by-amadey; elf; encoded; encryption; exe; executable file; exploitation activity; extortion; ftp brute force; gafgyt; gh0strat activity detected; gh0strat malware activity; github; guloader; hta; http brute force; id; identity & access exploitation; indicator; indonesia; infostealer; infrastructure acquisitionreconnaissance; injection activity; internet of things; iot botnet; iot security; iot/ics attack; ircbot; lateral movement; lazarus; live; lumma; lummastealer; malicious activity; malicious software; malware; manual; metasploit; mirai botnet; network; network enumeration; network probing; network reconnaissance; network scanning; network security; njrat; opendir; operating system; payload; persistence mechanism; phishing; phishing attack; process injection; protocol exploitation; quasarrat; ransomware; rat; reconnaissance; remcos trojan; remcosrat; remote access; remote access trojan; remote services; researched; reverse shell; rustystealer; saint helena, ascension and tristan da cunha; sality; service discovery; service scan; social engineering; ssh attack; system disruption; tcp scan; telnet threat; threat actor; tor node; ua-wget; udp port scan; udp scan; vbs; vipkeylogger; wget; xworm; zip
t1003; t1016; t1021; t1021.001; t1027; t1040; t1041; t1046; t1053; t1053.005; t1055; t1056; t1059; t1059.001; t1059.003; t1068; t1069.001; t1071; t1071.001; t1076; t1078; t1082; t1105; t1110; t1110.002; t1133; t1190; t1204; t1204.002; t1486; t1490; t1496; t1499.002; t1499.003; t1547; t1563; t1565; t1566; t1566.001; t1566.002; t1566.003; t1569; t1573; t1587.001; t1588; t1590.001; t1595; t1595.001; t1595.002; t1595.003

Activity Timeline

1 total obs (Apr 8)

Threat Activity Heatmap

Peak: 2026-04-08
(Calendar heatmap, Jun to Jun by weekday; not reproduced.)
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 63
Confidence: 63%
Reports: 11
First seen: Jan 14, 2025
Last seen: Apr 8, 2026
Geolocation: ID
Country: Indonesia
Location: Teluknaga, Banten
ASN: AS56233
Org: PT Asia Teknologi Solusi
Coords: -6.1741, 106.8296

VirusTotal

Not checked



IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 11 threat reports