IOC Radar
IP · Medium · Signal 75/100

27.79.4.213

Location: Vietnam (Da Nang, Hanoi)
ASN: AS7552 (VIETEL)
First Seen: Apr 16, 2026 (58d ago)
Last Seen: May 30, 2026 (14d ago)
Reports: 12 source reports
Confidence: 75% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 75%
Signal Score: 75 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

2 techniques

Network Information

Country: VN (Vietnam)
Region: Da Nang, Hanoi
ASN: AS7552
Organization: VIETEL

Feed Intelligence Summary

Source reports: 12
Confidence score: 75%
Category tags: abuse, active scan, apt, asia, australia, bad reputation, blocklist, brute force, brute force attacker, brute-force, bruteforce, cowrie, digital ocean, dionaea, exploitation activity, fatt, indicator, network, oceania, p0f, portscan, researched, scan, scanner, scanners, sensor-tagged, service scan, sip, ssh, ssh attack, t1110, t1595, tanner, telnet, threat actor, tor node, tpot, vietnam, vn, vultr, web app attack

Activity Timeline

1 total obs (May 30)

Threat Activity Heatmap

Peak: 2026-05-30
Activity by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address, represents a significant and active threat to organizational security. With a high score of 74.95 and no whitelisting, this IP address is strongly associated with malicious activities, primarily brute-force attacks and active scanning. If left unaddressed, the presence of this IOC in network logs or active communication with internal systems could signal ongoing reconnaissance or direct attempts at unauthorized access, potentially leading to s…

Threat Score: High Risk
Signal Score: 75
Confidence: 75%
Reports: 12
First seen: Apr 16, 2026
Last seen: May 30, 2026
Geolocation: VN
Country: Vietnam
Location: Da Nang, Hanoi
ASN: AS7552
Org: VIETEL
Coords: 21.0278, 105.8340

VirusTotal

Not checked

WHOIS

description
Observed authentication attempts via ssh against Cowrie/Heralding honeypots in Australia. Total events observed: 576. Sensors involved: Cowrie, Fatt. Target ports: 22, 80. Source country: VN. ASN(s): 7552. Organisation(s): Viettel Group. Usernames observed (masked): r**t, a***n, u**r, s*****t, c***o. Passwords observed (masked): 1**4, 1****6, a***n, P******d, a****3.
raw
inetnum: 27.64.0.0 - 27.79.255.255
netname: VIETTEL-VN
descr: Viettel Group
descr: No 1, Tran Huu Duc street, My Dinh 2 ward, Nam Tu Liem district, Ha Noi City
country: VN
admin-c: TVT8-AP
tech-c: NDT9-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-VN-VNNIC
mnt-irt: IRT-VNNIC-AP
last-modified: 2017-11-11T09:36:50Z
source: APNIC

irt: IRT-VNNIC-AP
address: Ha Noi, VietNam
phone: +84-24-35564944
fax-no: +84-24-37821462
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NTTT1-AP
tech-c: NTTT1-AP
auth: # Filtered
mnt-by: MAINT-VN-VNNIC
last-modified: 2026-04-06T06:49:37Z
source: APNIC

person: Nguyen Dang Tiep
address: Viettel Network Corporation
address: No 1, Tran Huu Duc street, My Dinh 2 ward, Nam Tu Liem district, Ha Noi City
country: VN
phone: +84-24-62989898
e-mail: [email protected]
nic-hdl: NDT9-AP
mnt-by: MAINT-VN-VIETEL
last-modified: 2017-11-11T09:40:35Z
source: APNIC

person: Tran Van Thanh
address: Viettel Network Corporation
address: No 1, Tran Huu Duc street, My Dinh 2 ward, Nam Tu Liem district, Ha Noi City
country: VN
phone: +84-24-62989898
e-mail: [email protected]
nic-hdl: TVT8-AP
mnt-by: MAINT-VN-VIETEL
last-modified: 2018-08-21T09:57:13Z
source: APNIC

route: 27.64.0.0/12
descr: VIETTEL-VN
origin: AS24086
mnt-by: MAINT-VN-VNNIC
last-modified: 2025-08-14T17:15:01Z
source: APNIC

route: 27.64.0.0/12
descr: VIETTEL-VN
origin: AS38731
mnt-by: MAINT-VN-VNNIC
last-modified: 2025-08-14T17:15:06Z
source: APNIC

route: 27.64.0.0/12
descr: VIETTEL-VN
origin: AS7552
mnt-by: MAINT-VN-VNNIC
last-modified: 2025-08-14T17:14:56Z
source: APNIC


IOC Journey

medium
First detected 1 month ago · Last seen 14 days ago
Appeared in 12 threat reports