IOC Radar
IP · Medium · Signal 24/100

59.92.163.80

Location
India
Thiruvananthapuram, KL
ASN
AS9829
BSNL Internet
First Seen
Nov 17, 2022 (1305d ago)
Last Seen
Apr 6, 2026 (69d ago)
Reports
9 source reports
Confidence
24% (medium)
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
24%
Signal Score
24 / 100
IDS Rule
No

MITRE ATT&CK TTPs

28 techniques

Network Information

Country: India (IN)
Region: Thiruvananthapuram, KL
ASN: AS9829
Organization: BSNL Internet

Feed Intelligence Summary

9 source reports · 24% confidence score
Category tags
abuse, access control, active scan, active scanning, amadey, arm, asia, avemariarat, bad reputation, botnet, botnet activity, brute force, brute force attempt, c2, code injection, coinminer, command & control, command and control, communication protocol, compromised system, credential access, credential stuffing, cryptocurrency, data exfiltration, data store exposure, dcrat, ddos, ddos attacks, decoy system, distributed attacks, dropped-by-privateloader, elf, exe, executable file, exploitation activity, gafgyt, geo-fenced, gozi, guloader, hajime, identity & access exploitation, ifsb, india, indicator, infostealer, ingress tool transfer, injection activity, internet of things, intrusion detection, ioc, iot botnet, iot security, iot/ics attack, isfb, malicious network activity, malicious software, malware, malware delivery, malware indicators, mips, mirai botnet, mozi, network, network attacks, network intrusion, network probing, network scanning, network security, network service scanning, network traffic analysis, open-dir, opendir, password-protected, privateloader, process injection, protocol exploitation, pw:1234, pw:1896, rar, rat, reconnaissance, redline, redlinestealer, remcosrat, researched, rtf, scan, scanner, security operations, security policy, service scan, shellscript, t1021.002, t1040, t1046, t1055, t1056.001, t1059.001, t1059.007, t1071, t1071.001, t1078, t1105, t1110, t1110.002, t1133, t1190, t1204.001, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566, t1573, t1595, t1595.001, t1595.002, t1595.003, tcp protocol, telecommunications, telnet threat, threat actor, threat intelligence, threat prevention, tor node, trojan malware, united states, usa, vidar, vulnerability scan, web exploitation, x86-64, xmrig, zip

Activity Timeline

1 total observation (Apr 6)

Threat Activity Heatmap

Peak: 2026-04-06
Observations by window:
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 24
Confidence: 24%
Reports: 9
First seen: Nov 17, 2022
Last seen: Apr 6, 2026
Geolocation: IN
Country: India
Location: Thiruvananthapuram, KL
ASN: AS9829
Org: BSNL Internet
Coords: 8.4832, 76.9458

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 23 Telnet. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 59.92.104.0 - 59.92.255.255
netname: BB-Multiplay
descr: Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
country: IN
admin-c: BH155-AP
tech-c: DB374-AP
abuse-c: AB1061-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-IN-DOT
mnt-irt: IRT-BSNL-IN
last-modified: 2021-07-15T07:17:51Z
source: APNIC

irt: IRT-BSNL-IN
address: Internet Cell
address: Bharat Sanchar Nigam Limited.
address: 8th Floor,148-B Statesman House
address: Barakhamba Road, New Delhi - 110 001
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: NC83-AP
tech-c: CGMD1-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-07-02
mnt-by: MAINT-IN-DOT
last-modified: 2025-07-02T04:53:55Z
source: APNIC

role: ABUSE BSNLIN
country: ZZ
address: Internet Cell
address: Bharat Sanchar Nigam Limited.
address: 8th Floor,148-B Statesman House
address: Barakhamba Road, New Delhi - 110 001
phone: +000000000
e-mail: [email protected]
admin-c: NC83-AP
tech-c: CGMD1-AP
nic-hdl: AB1061-AP
remarks: Generated from irt object IRT-BSNL-IN
remarks: [email protected] was validated on 2025-07-02
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-07-02T04:54:12Z
source: APNIC

person: BSNL Hostmaster
nic-hdl: BH155-AP
e-mail: [email protected]
address: Broadband Networks
address: Bharat Sanchar Nigam Limited
address: 2nd Floor, Telephone Exchange, Sector 62
address: Noida
phone: +91-120-2404243
fax-no: +91-120-2404241
country: IN
mnt-by: MAINT-IN-PER-DOT
last-modified: 2021-12-08T10:52:18Z
source: APNIC

person: DGM Broadband
address: BSNL NOC Bangalore
country: IN
phone: +91-080-25805800
fax-no: +91-080-25800022
e-mail: [email protected]
nic-hdl: DB374-AP
mnt-by: MAINT-IN-PER-DOT
last-modified: 2011-02-19T10:03:44Z
source: APNIC

route: 59.92.162.0/23
origin: AS9829
descr: Bharat Sanchar Nigam Ltd O/o Chief General Manager, Data Networks, BSNL CTS Compond, Netaji Nagar
mnt-by: MAINT-IN-DOT
last-modified: 2020-10-20T10:45:31Z
source: APNIC
references
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://urlhaus.abuse.ch/browse/

IOC Journey

medium
First detected 3 years ago · Last seen 2 months ago
Appeared in 9 threat reports