IOC Radar
IP · Medium · Signal 37/100

202.137.154.124

Location: Lao People's Democratic Republic (Vientiane, Vientiane Prefecture)
ASN: AS9873 (Laotelecom)
First Seen: Apr 7, 2021 (1895d ago)
Last Seen: Jun 3, 2026 (11d ago)
Reports: 10 source reports
Confidence: 37% (medium)
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 37%
Signal Score: 37 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

36 techniques

Network Information

Country: LA (Lao People's Democratic Republic)
Region: Vientiane, Vientiane Prefecture
ASN: AS9873
Organization: Laotelecom

Feed Intelligence Summary

Source reports: 10
Confidence score: 37%
Category tags: active scan, active scanning, adbhoney honeypot, attack, bad reputation, bad web bot, blacklisted ip, botnet, botnet activity, brute force, brute force attack, c2, cisco device, command & control, command and control, communication protocol, compromised credentials, compromised device, compromised host, compromised system, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data exfiltration attempts, data store exposure, database security, ddos, decoy system, denial of service, device management, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploitation activity, exploitation attempt, exploitation attempts, heralding attack pattern, honeytrap honeypot, identity & access exploitation, indicator, injection activity, intrusion detection, iot security, la, lamp, lao people's democratic republic, lateral movement, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware communication, malware deployment attempts, network, network infrastructure, network intrusion attempt, network scanning, network security, network traffic, password attacks, phishing, phishing attack, phishing trap, process injection, python script activity, reconnaissance, remote access, researched, resource hijacking, scanner, scanning activity, sentrypeer botnet, sftp access attempt, sftp attack, sip brute force, social engineering, spam, ssh attack, ssh monitoring, t1003, t1021, t1040, t1041, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1105, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1203, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telecommunications, threat actor, threat detection, threat intelligence, tor node, traffic anomaly, voip, voip attack, vulnerability scan, web application attack, web exploitation, web spam

Activity Timeline

1 total observation (Jun 3)

Threat Activity Heatmap

Peak: 2026-06-03
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 37
Confidence: 37%
Reports: 10
First seen: Apr 7, 2021
Last seen: Jun 3, 2026
Geolocation: LA
Country: Lao People's Democratic Republic
Location: Vientiane, Vientiane Prefecture
ASN: AS9873
Org: Laotelecom
Coords: 18.0000, 105.0000

VirusTotal

Not checked

WHOIS

description:
2025-04-29T03:59:24.538Z Honeypot : Heralding : Source: 202.137.154.124 : Username/Password: AdmiN1/dragon Port: 1080 Message: 2025-04-29 03:59:24.538378,9b041422-3f06-407f-b3be-e3e815f9832a,225501af-1fb7-4d35-9ca8-4fd75c3ddf26,202.137.154.124,45317,99.18.26.18,1080,socks5,AdmiN1,dragon,

raw:
inetnum: 202.137.128.0 - 202.137.159.254
netname: LAOTELECOM
descr: Lao Telecommunication Public Company
country: LA
admin-c: CB942-AP
tech-c: CB942-AP
abuse-c: AL1582-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-LA-CB
mnt-irt: IRT-LATELECOM-LA
last-modified: 2025-04-07T03:18:48Z
source: APNIC

irt: IRT-LATELECOM-LA
address: Ban Saylom 01000 Vientiane
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: LTPC1-AP
tech-c: LTPC1-AP
auth: # Filtered
remarks: [email protected] was validated on 2024-10-30
mnt-by: MAINT-LA-CB
last-modified: 2025-03-06T00:01:56Z
source: APNIC

role: ABUSE LATELECOMLA
country: ZZ
address: Ban Saylom 01000 Vientiane
phone: +000000000
e-mail: [email protected]
admin-c: LTPC1-AP
tech-c: LTPC1-AP
nic-hdl: AL1582-AP
remarks: Generated from irt object IRT-LATELECOM-LA
remarks: [email protected] was validated on 2024-10-30
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-03-06T00:02:04Z
source: APNIC

person: chindavone BOUNNHAVONG
address: Ban Saylom 01000 Vientiane
country: LA
phone: +8562054545345
e-mail: [email protected]
nic-hdl: CB942-AP
mnt-by: MAINT-LA-CB
last-modified: 2025-04-04T08:57:23Z
source: APNIC

route: 202.137.154.0/24
origin: AS9873
descr: Lao Telecommunication Co Ltd Ban Saylom,Chamthabuly,Vientiane,Lao PDR P.O.Box 5607
mnt-by: MAINT-LA-DP
last-modified: 2020-04-24T03:36:00Z
source: APNIC

references:
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 5 years ago · Last seen 11 days ago
Appeared in 10 threat reports