IOC Radar
IPMediumSignal 71/100

43.245.219.62

Location
CambodiaCambodia
Phnom Penh, 12
ASN
AS24492
WiCAM Corporation Ltd.
First Seen
Nov 21, 2024
Last Seen
Feb 13, 2026
Nov 21
First Seen
570d ago
Feb 13
Last Seen
122d ago
7
Reports
source reports
71%
Confidence
medium
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

35 techniques

Network Information

CountryKHCambodia
RegionPhnom Penh, 12
ASNAS24492
OrganizationWiCAM Corporation Ltd.

Feed Intelligence Summary

7 reports71% confidence
7
Source reports
71%
Confidence score
Category tags
active scanningadbhoney honeypotantispamattackbotnetbrute forcebrute force attackbrute force attemptsbrute_forcecambodiacommand and controlcommunication protocolcompromised credentialscowrie honeypotcowrie interactionscredential accesscredential harvestingcredential stuffingcve scandata exfiltrationdatabase securityddos attackdecoy systemdionaea honeypotdionaea interactionsdionaea malware analysisdistributed attackselasticpot honeypotelasticsearch monitoringexploit kit activityftpftp brute forceftp_bruteforceheralding attack patternhttp brute forcehttp scannerhttp_scanhttps_scanindicatorkhlateral movementlog4jmailoney honeypotmalicious activitymalicious softwaremalwaremalware behaviourmalware capturemalware distributionnetworknetwork attack attemptsnetwork intrusion attemptsnetwork scanningnetwork securitynetwork service scanningnorth americapassword attacksphishingphishing attackphishing trappossible botnet activityprocess injectionprotocol exploitationpython script activityreconnaissanceremote accessremote servicesresearchedresource hijackingscannerscripting attackssentrypeer botnetsftp attacksocial engineeringsql injection attemptssh attackssh monitoringssh_bruteforcet1021t1021.001t1040t1041t1046t1055t1059t1059.007t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1204.002t1486t1496t1499.001t1499.002t1499.003t1563t1565t1566.001t1566.002t1566.003t1566.004t1595t1595.001t1595.002t1595.003tannertelecommunicationstelnet threattelnet_bruteforcethreat actorthreat intelligenceunauthorized accessunauthorized access attemptunited statesvoipvoip attackweb attackweb exploitationweb shell attemptweb spamweb traffic

Activity Timeline

1 total obs
Feb 13Feb 13

Threat Activity Heatmap

· Peak: 2026-02-13
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
7
Reports
First seenNov 21, 2024
Last seenFeb 13, 2026
GeolocationKH
CountryCambodia
LocationPhnom Penh, 12
ASNAS24492
OrgWiCAM Corporation Ltd.
Coords11.5583, 104.9121

VirusTotal

Not checked

WHOIS

description
2025-07-05T13:05:19.251Z Honeypot : Heralding : Source: 43.245.219.62 : Username/Password: adminn/password Port: 1080 Message: 2025-07-05 13:05:19.251317,fae0f5fc-6bda-46c4-89ce-12e3cc9718cb,c57efa8c-546e-4ea9-a76e-23ced7ac6251,43.245.219.62,60364,99.18.26.18,1080,socks5,adminn,password,
raw
inetnum: 43.245.219.0 - 43.245.219.255 netname: WiCAM-BACKBONE-219 descr: WiCAM Corporation Ltd. country: KH admin-c: WN346-AP tech-c: WN346-AP abuse-c: AW856-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-KH-WICAM mnt-lower: MAINT-KH-WICAM mnt-routes: MAINT-KH-WICAM mnt-irt: IRT-WICAM-KH last-modified: 2022-10-12T09:05:06Z source: APNIC irt: IRT-WICAM-KH address: # 47, St. 271?St.480 address: Sangkat Toul Tompong II, Khan Chamkar Morn address: Phenom Penh address: CAMBODIA e-mail: [email protected] abuse-mailbox: [email protected] admin-c: WN346-AP tech-c: WN346-AP auth: # Filtered remarks: [email protected] was validated on 2025-02-04 mnt-by: MAINT-KH-WICAM last-modified: 2025-02-04T09:34:02Z source: APNIC role: ABUSE WICAMKH country: ZZ address: # 47, St. 271?St.480 address: Sangkat Toul Tompong II, Khan Chamkar Morn address: Phenom Penh address: CAMBODIA phone: +000000000 e-mail: [email protected] admin-c: WN346-AP tech-c: WN346-AP nic-hdl: AW856-AP remarks: Generated from irt object IRT-WICAM-KH remarks: [email protected] was validated on 2025-02-04 abuse-mailbox: [email protected] mnt-by: APNIC-ABUSE last-modified: 2025-02-04T09:34:14Z source: APNIC person: WICAM NOC address: #47, St. 271 corner St. 480, Sangkat Toul tompung 2, Khan Chamkar morn, Phnom Penh, Cambodia country: KH phone: +855 8188 8950 e-mail: [email protected] nic-hdl: WN346-AP mnt-by: MAINT-KH-WICAM last-modified: 2022-10-12T09:01:13Z source: APNIC route: 43.245.216.0/22 origin: AS24492 descr: WiCAM Corporation Ltd. #47, St. 271 Corner St.480 Sangkat Toul Tompong II Khan Chamkar Morn mnt-by: MAINT-KH-WICAM last-modified: 2019-11-18T04:27:51Z source: APNIC
references
https://github.com/telekom-security/tpotce

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 7 threat reports