IOC Radar
IP · Medium · Signal 47/100

59.184.244.61

Location: India (Raipur, Chhattisgarh)
ASN: AS9829 (Mahanagar Telephone Nigam Limited)
First Seen: Jul 20, 2024 (706d ago)
Last Seen: Mar 28, 2026 (90d ago)
Reports: 12 source reports
Confidence: 47% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 47%
Signal Score: 47 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

41 techniques

Network Information

Country: IN (India)
Region: Raipur, Chhattisgarh
ASN: AS9829
Organization: Mahanagar Telephone Nigam Limited

Feed Intelligence Summary

Source reports: 12
Confidence score: 47%
Category tags
abuseactive scanactive scanningahmythapkarmasiaasyncratb-cdnbackdoorbad reputationbase64bitbucketbotnetbotnet activitybotnetdomainbrute forcebrute force attackcensyscobalt-strikecobaltstrikecoinminercommand and controlcredential accesscredential harvestingcredential stuffingcryptocurrencyctadanabotdata encryptiondata exfiltrationdata store exposureddosddos attacksdistributed attacksdlldropped-by-amadeyelfencodedencryptionexeexecutable fileexploitation activityextortiongafgytguloaderhajimehavochijackloaderhtaidentity & access exploitationinindiaindicatorinfostealerinfrastructure acquisitionreconnaissanceinjection activityinternet of thingsiot botnetiot securityiot/ics attackjava-bytecodekaijil3monlnkloaderlokilummastealermachomalicious softwaremalwaremanualmeduzastealermeterpretermipsmirai botnetmobile threatmozimultiratnetsupportratnetworknetwork securityopendirparaguaypassword attackspdfphishingphishing attackpinkprocess injectionprotocol exploitationps1pythonqbotransomwareratreconnaissanceredlinestealerremcos trojanremote accessremote servicesresearchedreverseshellsaint helena, ascension and tristan da cunhascams & fraudscannerscrscriptshellcodesliversmoke loadersnakekeyloggersocial engineeringsshdkitstealcsystem disruptionsystembct1005t1021.001t1027t1040t1055t1059t1059.003t1071t1071.001t1078t1105t1110.001t1110.002t1110.003t1110.004t1133t1189t1190t1204t1204.002t1486t1490t1496t1499.002t1499.003t1547t1565t1566t1566.001t1566.002t1566.003t1583t1584t1587.001t1588t1588.002t1590.001t1595.001t1595.002t1595.003t1608tcp/23telnet threatthreat actortor nodeua-wgetvidarwsgidavxmrigxorbotzip

Activity Timeline

1 total obs
Mar 28 - Mar 28

Threat Activity Heatmap

Peak: 2026-03-28
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)
Threat Score: 47 (Medium Risk)
Signal Score: 47
Confidence: 47%
Reports: 12
First seen: Jul 20, 2024
Last seen: Mar 28, 2026
Geolocation: IN
Country: India
Location: Raipur, Chhattisgarh
ASN: AS9829
Org: Mahanagar Telephone Nigam Limited
Coords: 20.0063, 77.0060

VirusTotal

Not checked

WHOIS

raw
inetnum: 59.176.0.0 - 59.185.255.255
netname: MTNL
descr: Mahanagar Telephone Nigam Limited
country: IN
admin-c: AB782-AP
tech-c: SM2089-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-IN-IRINN
mnt-lower: MAINT-IN-MTNL
mnt-routes: MAINT-IN-MTNL
mnt-irt: IRT-MTNL-IN
last-modified: 2016-12-14T04:38:46Z
source: APNIC

irt: IRT-MTNL-IN
address: Jeevan Bharati Building
address: Tower 1, 12th Floor, 124, Connaught Circus, New Delhi
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: AB782-AP
tech-c: SM2089-AP
auth: # Filtered
mnt-by: MAINT-IN-MTNL
last-modified: 2022-07-01T08:44:20Z
source: APNIC

role: Senior Manager
address: Mahanagar Doorsanchar Sadan, 5th Floor, 9 CGO Complex, Lodhi Road, New Delhi ,New Delhi,Delhi-110003
country: IN
phone: +91 01124325185
e-mail: [email protected]
admin-c: AB782-AP
tech-c: AB782-AP
nic-hdl: SM2089-AP
mnt-by: MAINT-IN-MTNL
last-modified: 2016-12-14T06:25:35Z
source: APNIC

person: Amarjeetkaur Bedi
address: Mahanagar Doorsanchar Sadan, 5th Floor, 9 CGO Complex, Lodhi Road, New Delhi ,New Delhi,Delhi-110003
country: IN
phone: +91 01124325185
e-mail: [email protected]
nic-hdl: AB782-AP
mnt-by: MAINT-IN-MTNL
last-modified: 2016-12-14T06:28:12Z
source: APNIC

route: 59.184.240.0/20
descr: Mahanagar Telephone Nigam Limited
origin: AS17813
mnt-by: MAINT-IN-MTNL
mnt-routes: MAINT-IN-MTNL
notify: [email protected]
last-modified: 2023-06-26T07:14:55Z
source: APNIC

route: 59.184.240.0/20
descr: MTNL Pool ROUTE OBJECT Through BSNL
origin: AS9829
mnt-by: MAINT-IN-IRINN
mnt-routes: MAINT-IN-MTNL
notify: [email protected]
last-modified: 2023-04-16T23:13:30Z
source: APNIC
references
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, https://urlhaus.abuse.ch/browse/

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 12 threat reports