IOC Radar
IPMediumSignal 75/100

5.42.158.153

Location
FranceFrance
Marseille, Occitanie
ASN
AS208226
Ouiheberg Sarl
First Seen
Jul 3, 2025
Last Seen
Feb 12, 2026
Jul 3
First Seen
358d ago
Feb 12
Last Seen
134d ago
13
Reports
source reports
75%
Confidence
medium
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
75%
Signal Score
75 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

31 techniques

Network Information

CountryFRFrance
RegionMarseille, Occitanie
ASNAS208226
OrganizationOuiheberg Sarl

Feed Intelligence Summary

13 reports75% confidence
13
Source reports
75%
Confidence score
Category tags
abuseaccess controlactive scanningattackauthenticationauthentication attackbotnetbrute forcebrute force attackbrute force attemptcommand and controlcommunication protocolcompromised hostcredential accesscredential stuffingdata exfiltrationdecoy systemdistributed attackseuropeexfiltrationfinlandfrancehackingindicatorintrusion detectionioclateral movementlogin attacklogin brute-forcemalicious activitymalicious softwaremalwarenetworknetwork attacksnetwork intrusionnetwork securitynetwork service scanningnetwork traffic analysispassword attackpassword attacksprocess injectionreconnaissanceremote accessremote servicesresearchedscanscannersecurity policyssh attackt1021.004t1040t1055t1071t1071.001t1078t1078.004t1105t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1486t1496t1497t1499.001t1499.002t1499.003t1555.003t1565t1573t1588t1588.004t1589t1595t1595.001t1595.002t1595.003tcp protocolthreat actorthreat intelligencethreat prevention

Activity Timeline

1 total obs
Feb 12Feb 12

Threat Activity Heatmap

· Peak: 2026-02-12
Less
More
Mon
Wed
Fri
Jun
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
75
SIGNAL
Signal Score
75%
Confidence
13
Reports
First seenJul 3, 2025
Last seenFeb 12, 2026
GeolocationFR
CountryFrance
LocationMarseille, Occitanie
ASNAS208226
OrgOuiheberg Sarl
Coords48.8582, 2.3387

VirusTotal

Not checked

WHOIS

description
SSH brute force IOCs collected mainly from hosts located in Finland
raw
inetnum: 5.42.158.0 - 5.42.158.254 netname: OUIHEBERG-SUBNET country: FR admin-c: FD6063-RIPE tech-c: GA11484-RIPE status: ASSIGNED PA mnt-by: GEDEFI-MNT created: 2021-03-07T20:37:04Z last-modified: 2021-03-07T20:37:04Z source: RIPE person: OUIHEBERG SARL address: 22 RUE DU MUSCAT 30470 AIMARGUES FRANCE phone: +3397217989 nic-hdl: FD6063-RIPE mnt-by: ouihebergfr created: 2019-09-06T11:56:56Z last-modified: 2024-02-06T11:20:53Z source: RIPE person: OUIHEBERG SARL address: France phone: +33123456000 nic-hdl: GA11484-RIPE mnt-by: ouihebergfr mnt-by: FD-6063 created: 2020-02-10T13:18:40Z last-modified: 2024-02-06T11:19:45Z source: RIPE route: 5.42.158.0/24 origin: AS208226 mnt-by: GEDEFI-MNT created: 2021-03-07T20:40:17Z last-modified: 2021-03-07T20:40:17Z source: RIPE
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 11 months ago · Last seen 4 months ago
Appeared in 13 threat reports