IP · Medium · Signal 35/100
59.96.140.100
Location: Garhchiroli, HR
ASN: AS9829 (BSNL Internet)
First Seen: Apr 10, 2025 (429d ago)
Last Seen: Apr 26, 2026 (49d ago)
Reports: 10 source reports
Confidence: 35% (medium)
VirusTotal: 9/91 detections
Found in 10 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 35%
Signal Score: 35 / 100
IDS Rule: No
Network Information
Country: India
Region: Garhchiroli, HR
ASN: AS9829
Organization: BSNL Internet
Feed Intelligence Summary
10 reports · 35% confidence
Source reports: 10
Confidence score: 35%
Category tags
abuse; active scan; active scanning; arm; ascii; asia; asyncrat; backdoor; bad reputation; base64-loader; botnet; botnet activity; botnetdomain; brute force; censys; clipboardhijacker; code injection; coinminer; command and control; command execution; credential harvesting; credential stuffing; cryptocurrency; darktortilla; darkvisionrat; data exfiltration; data store exposure; dbatloader; dcrat; ddos; ddos attacks; ddosagent; distributed attacks; dll; doc; dropped-by-lummastealer; elf; encoded; exe; executable file; exploitation activity; exploited host; fakecaptcha; gafgyt; getshell; guloader; hacking; hajime; hijackloader; hta; html; identity & access exploitation; india; indicator; infostealer; injection activity; internet of things; iot botnet; iot security; iot/ics attack; jpg-base64-loader; loki; lummastealer; malicious powershell activity; malicious software; malware; meterpreter; mips; mirai botnet; modiloader; moobot; mozi; msi; network; network scanning; opendir; phishing; phishing attack; process injection; ps1; quasarrat; raccoonclipper; ransomware; rat; reconnaissance; remcosrat; remote access; researched; rev-base64-loader; saint helena, ascension and tristan da cunha; scams & fraud; scanner; scripting attacks; sliver; smartloader; smoke loader; social engineering; sshdkit; t1027; t1055; t1059; t1059.001; t1059.007; t1071; t1071.001; t1078; t1086; t1105; t1133; t1189; t1190; t1204; t1204.001; t1204.002; t1486; t1496; t1499.002; t1499.003; t1565; t1566; t1566.001; t1566.002; t1566.003; t1583; t1588; t1589; t1592; t1595.001; t1595.002; t1595.003; threat actor; tor node; tsunami; ua-wget; vidar; vipkeylogger; web exploitation; xloader; xworm; zip
Activity Timeline
Apr 26
Threat Activity Heatmap
Peak: 2026-04-26
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)
The identified Indicator of Compromise (IOC) `59.96.140.100` represents a significant and credible threat to organizational security, demanding immediate attention. With a high score of 35.47 and confirmed malicious associations, this IPv4 address is strongly implicated in advanced persistent threat activities, including command and control (C2) operations and the deployment of backdoor tools. Its direct linkage to established threat actors, specifically Roaming Mantis and SMOKY SPIDER as indica…
Threat Score: Low Risk
Signal Score: 35
Confidence: 35%
Reports: 10
First seen: Apr 10, 2025
Last seen: Apr 26, 2026
Geolocation: IN
Country: India
Location: Garhchiroli, HR
ASN: AS9829
Org: BSNL Internet
Coords: 30.3557, 76.8019
WHOIS
- raw
- inetnum: 59.96.128.0 - 59.96.143.255
  netname: BB-Multiplay
  descr: Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
  country: IN
  admin-c: BH155-AP
  tech-c: DB374-AP
  abuse-c: AB1061-AP
  status: ALLOCATED NON-PORTABLE
  mnt-by: MAINT-IN-DOT
  mnt-irt: IRT-BSNL-IN
  last-modified: 2021-07-15T07:16:25Z
  source: APNIC

  irt: IRT-BSNL-IN
  address: Internet Cell
  address: Bharat Sanchar Nigam Limited.
  address: 8th Floor,148-B Statesman House
  address: Barakhamba Road, New Delhi - 110 001
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: NC83-AP
  tech-c: CGMD1-AP
  auth: # Filtered
  remarks: [email protected] was validated on 2025-07-02
  mnt-by: MAINT-IN-DOT
  last-modified: 2025-09-04T01:01:13Z
  source: APNIC

  role: ABUSE BSNLIN
  country: ZZ
  address: Internet Cell
  address: Bharat Sanchar Nigam Limited.
  address: 8th Floor,148-B Statesman House
  address: Barakhamba Road, New Delhi - 110 001
  phone: +000000000
  e-mail: [email protected]
  admin-c: NC83-AP
  tech-c: CGMD1-AP
  nic-hdl: AB1061-AP
  remarks: Generated from irt object IRT-BSNL-IN
  remarks: [email protected] was validated on 2025-07-02
  abuse-mailbox: [email protected]
  mnt-by: APNIC-ABUSE
  last-modified: 2025-07-02T04:54:12Z
  source: APNIC

  person: BSNL Hostmaster
  nic-hdl: BH155-AP
  e-mail: [email protected]
  address: Broadband Networks
  address: Bharat Sanchar Nigam Limited
  address: 2nd Floor, Telephone Exchange, Sector 62
  address: Noida
  phone: +91-120-2404243
  fax-no: +91-120-2404241
  country: IN
  mnt-by: MAINT-IN-PER-DOT
  last-modified: 2021-12-08T10:52:18Z
  source: APNIC

  person: DGM Broadband
  address: BSNL NOC Bangalore
  country: IN
  phone: +91-080-25805800
  fax-no: +91-080-25800022
  e-mail: [email protected]
  nic-hdl: DB374-AP
  mnt-by: MAINT-IN-PER-DOT
  last-modified: 2011-02-19T10:03:44Z
  source: APNIC

  route: 59.96.140.0/24
  origin: AS9829
  descr: Bharat Sanchar Nigam Ltd O/o Chief General Manager, Data Networks, BSNL CTS Compond, Netaji Nagar
  mnt-by: MAINT-IN-DOT
  last-modified: 2020-10-20T11:03:54Z
  source: APNIC
- references
- https://urlhaus.abuse.ch/browse/
IOC Journey
medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 10 threat reports