IP · Medium · Signal 27/100
203.210.235.156
Location
Thu Dau Mot, Kiên Giang Province
ASN
AS45899
Vietnam Posts and Telecommunications Group
First Seen
Jul 30, 2024
Last Seen
Apr 7, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
27%
Signal Score
27 / 100
IDS Rule
No
Network Information
Country
Vietnam
Region: Thu Dau Mot, Kiên Giang Province
ASN: AS45899
Organization: Vietnam Posts and Telecommunications Group
Feed Intelligence Summary
Source reports: 9
Confidence score: 27%
Category tags
active scan, active scanning, adbhoney honeypot, antispam, asia, attack, bank security, botnet, botnet activity, brute force, brute force attack, cisco device, cisco exploitation attempts, command and control, communication protocol, compromised credentials, conpot honeypot, cowrie honeypot, credential access, credential harvesting, credential stuffing, data exfiltration, data exfiltration attempts, data store exposure, database security, decoy system, device management, dionaea honeypot, dionaea malware analysis, distributed attacks, elasticpot honeypot, elasticsearch monitoring, enterprise networking, exploitation activity, exploitation attempt, exploitation attempts, finance, financial institution, financial services, ftp brute force, heralding attack pattern, honeytrap honeypot, ics security, identity & access exploitation, indicator, industrial control systems, injection activity, iot security, iot/ics attack, lamp, lateral movement, log4j, mailoney honeypot, malicious activity, malicious software, malware, malware behaviour, malware capture, malware deployment attempts, network, network infrastructure, network intrusion attempts, network scanning, network security, password attacks, phishing, phishing attack, phishing trap, process injection, python script activity, reconnaissance, remote access, researched, resource hijacking, scanner, scanning activity, sentrypeer botnet, sftp access attempt, sftp attack, sip brute force, social engineering, spam, ssh attack, ssh monitoring, t1021, t1021.004, t1040, t1041, t1046, t1055, t1059, t1059.004, t1071.001, t1078, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1190, t1204.002, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1583, t1595, t1595.001, t1595.002, t1595.003, tanner, targeting database, telecommunications, threat actor, threat detection, threat intelligence, tor node, united states, viet nam, vietnam, voip, voip attack
Activity Timeline: Apr 7
Threat Activity Heatmap · Peak: 2026-04-07
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
This Indicator of Compromise (IOC), an IPv4 address, signals a significant and immediate threat to organizational security. Its high score and non-whitelisted status strongly suggest active malicious intent. The address 203.210.235.156 is linked to aggressive reconnaissance, credential compromise attempts, data exfiltration, and potential resource hijacking, including cryptocurrency mining. An unaddressed presence of this IOC within the network could lead to severe consequences such as unauthori…
Threat Score: Low Risk
Signal Score: 27
Confidence: 27%
Reports: 9
First seen: Jul 30, 2024
Last seen: Apr 7, 2026
Geolocation: VN
Country: Vietnam
Location: Thu Dau Mot, Kiên Giang Province
ASN: AS45899
Org: Vietnam Posts and Telecommunications Group
Coords: 10.2159, 103.9664
VirusTotal: Not checked
WHOIS
- description
- 2025-04-28T18:08:57.433Z Honeypot : Heralding : Source: 203.210.235.156 : Username/Password: AdMIN1/1234567 Port: 1080 Message: 2025-04-28 18:08:57.433740,a1ccf4d7-b6fe-4c67-bdf7-5597f9473d1b,c66a7ef5-f57d-474a-b6f3-8219ca95953d,203.210.235.156,52934,99.18.26.21,1080,socks5,AdMIN1,1234567,
- raw
  inetnum: 203.210.220.0 - 203.210.255.255
  netname: VNPT-VN
  country: VN
  descr: Vietnam Posts and Telecommunications Group
  descr: No 57, Huynh Thuc Khang Street, Lang Ha ward, Dong Da district, Ha Noi City
  admin-c: PTH13-AP
  tech-c: PTH13-AP
  status: ALLOCATED NON-PORTABLE
  mnt-by: MAINT-VN-VNPT
  last-modified: 2018-01-25T03:56:00Z
  mnt-irt: IRT-VNNIC-AP
  source: APNIC

  irt: IRT-VNNIC-AP
  address: Ha Noi, VietNam
  phone: +84-24-35564944
  fax-no: +84-24-37821462
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: NTTT1-AP
  tech-c: NTTT1-AP
  auth: # Filtered
  mnt-by: MAINT-VN-VNNIC
  last-modified: 2025-11-17T23:08:34Z
  source: APNIC

  person: Pham Tien Huy
  address: VNPT-VN
  country: VN
  phone: +84-24-37741604
  e-mail: [email protected]
  nic-hdl: PTH13-AP
  mnt-by: MAINT-VN-VNPT
  last-modified: 2017-11-19T07:06:20Z
  source: APNIC

  route: 203.210.235.0/24
  descr: VNPT
  origin: AS45899
  mnt-by: MAINT-VN-VNPT
  last-modified: 2022-07-29T17:19:04Z
  source: APNIC
- references
- https://github.com/telekom-security/tpotce
IOC Journey
medium · First detected 1 year ago · Last seen 2 months ago
Appeared in 9 threat reports