IOC Radar
IPMediumSignal 69/100

46.246.12.9

Location
SwedenSweden
Stockholm, Stockholm County
ASN
AS42708
Frootynet
First Seen
Oct 12, 2020
Last Seen
Apr 29, 2026
Oct 12
First Seen
2062d ago
Apr 29
Last Seen
37d ago
10
Reports
source reports
69%
Confidence
medium
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
69%
Signal Score
69 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Network Information

CountrySESweden
RegionStockholm, Stockholm County
ASNAS42708
OrganizationFrootynet

Feed Intelligence Summary

10 reports69% confidence
10
Source reports
69%
Confidence score
Category tags
access controlaccess trojanactive scanactive scanningasiaasyncratasyncrat linkaustraliabotnetbotnet activitybrazilbrute forcecanadaclosecobaltstrikecommandcommand and controlcontrolcredential harvestingcredential stuffingcredential theftcryptocurrencycryptocurrency threatscryptojackingcyber threat activitydata encryptiondata exfiltrationdata store exposuredata theftdcratdistributed attacksencryptionestoniaeuropeeurope/asiaexploitation activityextortionfake osfinancefrancegermanyhackinghasheshong kongidentity & access exploitationindiaindonesiainfostealerinfrastructure acquisitionreconnaissanceinjection activitylazarusmalicious softwaremalwaremexicomobilemobile securitymozinetherlandsnetworknorth americaoceaniaoperating systempersistence mechanismpersistence mechanismsphishingphishing attackpoliceprocess injectionproxypumpransomwareratreconnaissanceremcos trojanremote accessremote controlremote servicesresearchedresource hijackingrussiasalatstealerscams & fraudscannerscreen monitoringsesecurity policyservicesha valuessingaporesocial engineeringsouth americastealcsteamswedensystem disruptiont1003t1005t1021.001t1025t1041t1043t1053t1055t1056t1059t1059.003t1064t1069.001t1071t1071.001t1074t1078t1082t1090t1105t1107t1113t1114t1204t1210t1219t1486t1490t1496t1499.002t1499.003t1565t1566t1566.001t1566.002t1566.003t1587.001t1590.001t1595.001t1595.002t1595.003thailandthreat actorthreat preventiontor nodeukraineurlhausurls httpurls httpsvidar linkweek

Activity Timeline

1 total obs
Apr 29Apr 29

Threat Activity Heatmap

· Peak: 2026-04-29
Less
More
Mon
Wed
Fri
Jun
·
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreMedium Risk
69
SIGNAL
Signal Score
69%
Confidence
10
Reports
First seenOct 12, 2020
Last seenApr 29, 2026
GeolocationSE
CountrySweden
LocationStockholm, Stockholm County
ASNAS42708
OrgFrootynet
Coords59.3247, 18.0560

VirusTotal

Not checked

WHOIS

raw
inetnum: 46.246.12.0 - 46.246.13.255 netname: FROOTYNET-4 geofeed: https://as42708.net/geofeed.csv descr: Frootynet Sweden country: SE admin-c: FN2785-RIPE tech-c: FN2785-RIPE org: ORG-FA755-RIPE status: ASSIGNED PA mnt-by: MNT-PORTLANE created: 2015-06-20T02:50:48Z last-modified: 2024-01-22T11:25:35Z source: RIPE organisation: ORG-FA755-RIPE org-name: Frootynet org-type: OTHER address: Box 6322 address: 102 35 Stockholm address: Sweden abuse-c: FN2785-RIPE mnt-ref: MNT-PORTLANE mnt-by: MNT-FROOTVPN created: 2016-08-23T11:52:36Z last-modified: 2016-08-23T12:20:23Z source: RIPE # Filtered role: Frootynet NOC address: Box 6322 address: 102 35 Stockholm address: Sweden nic-hdl: FN2785-RIPE mnt-by: MNT-FROOTVPN created: 2016-08-23T11:47:22Z last-modified: 2016-08-23T12:16:24Z source: RIPE # Filtered abuse-mailbox: [email protected] route: 46.246.0.0/17 descr: Portlane Network origin: AS42708 mnt-by: GLESYS-MNT created: 2011-01-27T13:42:49Z last-modified: 2024-10-15T06:23:36Z source: RIPE
references
https://any.run/malware-trends/, https://urlhaus.abuse.ch/, https://threatfox.abuse.ch/export/csv/recent/, https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_Real-time, https://darfe.es/ciberwiki/index.php?title=Remcos_(RAT), https://www.virustotal.com/graph/embed/g04f6a54d9bc641fd885fbc9085eb430cd43e775327b94d26afcebce96a27f9f4?theme=light, https://alertas-y-seguridad.jimdosite.com/repositorio-ioc/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 5 years ago · Last seen 1 month ago
Appeared in 10 threat reports