IPMediumSignal 55/100
42.180.38.47
Location
ChinaShenyang, Liaoning
ASN
AS4837
China Unicom Liaoning Province Network
First Seen
Apr 9, 2026
Last Seen
May 12, 2026
Found in 5 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
55%
Signal Score
55 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryChina
ChinaRegionShenyang, Liaoning
ASNAS4837
OrganizationChina Unicom Liaoning Province Network
Feed Intelligence Summary
5 reports55% confidence
5
Source reports
55%
Confidence score
Category tags
abusech-urlhaus-c2cactive scanactive scanningarcarmarm5arm6arm7asciiasiabackdoorbad reputationbase64-loaderboatnetbotbotnetbotnet activityc2castleratchinacnccobaltstrikecoinminercommand & controlcryptocurrencyddosdropped-by-amadeyelfencodedencryptionexeexecutable fileexploitation activityexploited hostgithubgolanggotoresolveguloaderhackinghajimehtai468i686indicatorinfostealerkemo828kimsukyloaderlodalodaratluam68kmalwaremassloggermemzmipsmips.miraimozimpslmsinetworkopendirphantomstealerpowerpcpowershellppcps1purecrypterpureratqbotransomwareratreconnaissanceremcosratresearchedrev-base64-loaderrmmrustystealersaint helena, ascension and tristan da cunhasalatstealersantastealerscams & fraudscannersmartloadersparcspcsuperht1595.001t1595.002t1595.003threat actortor nodeua-wgetvidarx86x86_64xwormzip
Activity Timeline
May 12May 12
Threat Activity Heatmap
· Peak: 2026-05-12LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
55
SIGNAL
Signal Score
55%
Confidence
5
Reports
First seenApr 9, 2026
Last seenMay 12, 2026
GeolocationCN
CountryChina
LocationShenyang, Liaoning
ASNAS4837
OrgChina Unicom Liaoning Province Network
Coords41.8048, 123.4330
VirusTotal
Not checked
WHOIS
- raw
- inetnum: 42.176.0.0 - 42.183.255.255 netname: UNICOM-LN descr: UNICOM Liaoning Province Network descr: China Unicom descr: No.21, Jin-Rong Street descr: Beijing 100033 country: CN admin-c: CH444-AP tech-c: ZB17-AP abuse-c: AC1718-AP status: ALLOCATED PORTABLE remarks: service provider remarks: -------------------------------------------------------- remarks: To report network abuse, please contact mnt-irt remarks: For troubleshooting, please contact tech-c and admin-c remarks: Report invalid contact via www.apnic.net/invalidcontact remarks: -------------------------------------------------------- mnt-by: APNIC-HM mnt-lower: MAINT-CNCGROUP mnt-routes: MAINT-CNCGROUP-RR mnt-irt: IRT-CU-CN last-modified: 2023-10-21T03:29:06Z source: APNIC irt: IRT-CU-CN address: No.21,Financial Street address: Beijing,100033 address: P.R.China e-mail: [email protected] abuse-mailbox: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP auth: # Filtered remarks: [email protected] was validated on 2025-10-17 mnt-by: MAINT-CNCGROUP last-modified: 2025-11-18T00:26:20Z source: APNIC role: ABUSE CUCN country: ZZ address: No.21,Financial Street address: Beijing,100033 address: P.R.China phone: +000000000 e-mail: [email protected] admin-c: CH1302-AP tech-c: CH1302-AP nic-hdl: AC1718-AP remarks: Generated from irt object IRT-CU-CN remarks: [email protected] was validated on 2025-10-17 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-10-17T02:26:56Z source: APNIC person: CNCGroup Hostmaster nic-hdl: CH444-AP e-mail: [email protected] address: No.21,Financial Street address: Beijing,100033,P.R.China phone: +86-10-66259764 fax-no: +86-10-66259764 country: CN mnt-by: MAINT-CN-CUCGROUP last-modified: 2017-09-05T06:36:14Z source: APNIC person: ZHAO BO address: 96,JieFang Road ChangChun 130021 China. country: CN phone: +86-431-8925217 fax-no: +86-431-8925190 e-mail: [email protected] nic-hdl: ZB17-AP mnt-by: MAINT-CHINANET-JL last-modified: 2008-09-04T07:30:04Z source: APNIC route: 42.176.0.0/13 descr: China Unicom Liaoning Province Network country: CN origin: AS4837 mnt-by: MAINT-CNCGROUP-RR last-modified: 2011-03-02T05:24:02Z source: APNIC
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 1 month ago
Appeared in 5 threat reports