IP · Medium · Signal 47/100
62.178.229.39
Location
Vienna, Wien
ASN
AS8412
Liberty Global B.V.
First Seen
Jun 16, 2025
Last Seen
Apr 11, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
47%
Signal Score
47 / 100
IDS Rule
No
Network Information
Country
Austria
Region
Vienna, Wien
ASN
AS8412
Organization
Liberty Global B.V.
Feed Intelligence Summary
9 reports · 47% confidence
Category tags
active scan; active scanning; apk; ascii; asyncrat; austria; backdoor; base64-loader; botnet; botnet activity; botnetdomain; brute force; c2 communication; censys; cobalt-strike; cobaltstrike; code injection; coinminer; command & control; command and control; credential access; credential stuffing; cryptocurrency; data exfiltration; data store exposure; data theft; ddos; ddos attacks; distributed attacks; dropped-by-amadey; elf; encryption; europe; exe; executable file; exploit; exploitation activity; ftp brute force; gafgyt; gh0strat activity detected; gh0strat malware activity; github; hajime; hta; identity & access exploitation; indicator; infostealer; injection activity; internet of things; iot botnet; iot security; iot/ics attack; lateral movement; live; lnk; lummastealer; malicious software; malware; masslogger; metastealer; meterpreter; mirai botnet; mobile threat; mozi; network; network enumeration; network probing; network scanning; network security; njrat; opendir; operating system; payload; persistence mechanism; process injection; protocol exploitation; ransomware; rat; reconnaissance; remcosrat; remote access; remote access trojan; remote services; researched; reverse shell; rustystealer; saint helena, ascension and tristan da cunha; scanner; service discovery; ssh attack; sshdkit; stealeriumstealer; strrat; t1003; t1016; t1021; t1021.001; t1027; t1040; t1041; t1046; t1053; t1053.005; t1055; t1056; t1059; t1059.001; t1059.007; t1068; t1069.001; t1071; t1071.001; t1076; t1078; t1082; t1105; t1110; t1110.002; t1133; t1190; t1204; t1204.001; t1204.002; t1486; t1496; t1499.002; t1499.003; t1547; t1563; t1565; t1566; t1569; t1573; t1588; t1595; t1595.001; t1595.002; t1595.003; tcp scan; telnet threat; threat actor; tor node; ua-wget; udp scan; vbs; vidar; web exploitation; wsgidav; xworm
Activity Timeline
Apr 11
Threat Activity Heatmap
Peak: 2026-04-11
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 47
Confidence: 47%
Reports: 9
First seen: Jun 16, 2025
Last seen: Apr 11, 2026
Geolocation: AT
Country: Austria
Location: Vienna, Wien
ASN: AS8412
Org: Liberty Global B.V.
Coords: 48.1875, 16.3550
VirusTotal
Not checked
WHOIS
- raw
  inetnum: 62.178.198.16 - 62.178.250.255
  netname: UPC
  descr: UPC Telekabel
  country: AT
  admin-c: TMA5-RIPE
  tech-c: TMA5-RIPE
  status: ASSIGNED PA
  mnt-by: AT-INODE-DOM
  created: 2011-05-02T06:35:46Z
  last-modified: 2021-12-14T08:58:13Z
  source: RIPE

  role: Magenta Telekom
  address: T-Mobile Austria GmbH
  address: Rennweg 97-99
  address: A-1030 Vienna
  address: Austria
  mnt-by: AS8412-MNT
  abuse-mailbox: [email protected]
  org: ORG-MTSG1-RIPE
  admin-c: TH2844-RIPE
  admin-c: KRK9-RIPE
  admin-c: CS552-RIPE
  admin-c: DK1765-RIPE
  admin-c: WIGG1-RIPE
  tech-c: TH2844-RIPE
  tech-c: KRK9-RIPE
  tech-c: CS552-RIPE
  tech-c: DK1765-RIPE
  tech-c: WIGG1-RIPE
  nic-hdl: TMA5-RIPE
  created: 2006-08-02T10:45:55Z
  last-modified: 2023-09-18T18:08:37Z
  source: RIPE # Filtered

  route: 62.178.128.0/17
  descr: Magenta Telekom
  origin: AS8412
  mnt-by: AS8412-MNT
  created: 2021-04-14T10:39:18Z
  last-modified: 2021-04-14T10:39:18Z
  source: RIPE
- references
- https://urlhaus.abuse.ch/browse/
IOC Journey
Medium · First detected 1 year ago · Last seen 2 months ago
Appeared in 9 threat reports