IOC Radar
IP · Medium · Signal 26/100

77.88.21.119

Location: Russian Federation (Moscow, Moscow)
ASN: AS13238, Yandex LLC
First Seen: Aug 10, 2023 (1053d ago)
Last Seen: Jun 4, 2026 (24d ago)
Reports: 6 source reports
Confidence: 26% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 26%
Signal Score: 26 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

72 techniques

Network Information

Country: RU (Russian Federation)
Region: Moscow, Moscow
ASN: AS13238
Organization: Yandex LLC

Feed Intelligence Summary

Source reports: 6
Confidence score: 26%
Category tags

Activity Timeline

1 total obs (Jun 4)

Threat Activity Heatmap

Peak: 2026-06-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 26
Confidence: 26%
Reports: 6
First seen: Aug 10, 2023
Last seen: Jun 4, 2026
Geolocation: RU
Country: Russian Federation
Location: Moscow, Moscow
ASN: AS13238
Org: Yandex LLC
Coords: 55.7342, 37.5859

VirusTotal

Not checked

WHOIS

inetnum: 77.88.21.0 - 77.88.21.255
netname: YANDEX-77-88-21-0
status: ASSIGNED PA
country: RU
descr: Yandex enterprise network
mnt-by: YANDEX-MNT
admin-c: YNDX1-RIPE
tech-c: YNDX1-RIPE
org: ORG-YA1-RIPE
remarks: INFRA-AW
source: RIPE
created: 2007-09-24T16:18:59Z
last-modified: 2024-10-28T10:36:46Z

organisation: ORG-YA1-RIPE
org-name: YANDEX LLC
country: RU
org-type: LIR
address: LVA TOLSTOY STREET, 16
address: 119021
address: Moscow
address: RUSSIAN FEDERATION
phone: +74957397000
fax-no: +74957397070
admin-c: YNDX1-RIPE
tech-c: YNDX1-RIPE
abuse-c: YAH6-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: YANDEX-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: YANDEX-MNT
created: 2004-04-22T14:39:02Z
last-modified: 2025-08-04T11:07:18Z
source: RIPE # Filtered

role: Yandex LLC Network Operations
address: Yandex LLC
address: 16, Leo Tolstoy St.
address: 119021
address: Moscow
address: Russian Federation
phone: +7 495 739 7000
fax-no: +7 495 739 7070
remarks: trouble: ------------------------------------------------------
remarks: trouble: Points of contact for Yandex LLC Network Operations
remarks: trouble: ------------------------------------------------------
remarks: trouble: Routing and peering issues: [email protected]
remarks: trouble: SPAM issues: [email protected]
remarks: trouble: Network security issues: [email protected]
remarks: trouble: Mail issues: [email protected]
remarks: trouble: General information: [email protected]
remarks: trouble: ------------------------------------------------------
admin-c: MK24579-RIPE
tech-c: EM3673-RIPE
tech-c: AUR2-RIPE
nic-hdl: YNDX1-RIPE
mnt-by: YANDEX-MNT
created: 2002-06-07T05:35:50Z
last-modified: 2021-08-23T16:42:06Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

route: 77.88.0.0/18
descr: Yandex enterprise network
origin: AS13238
mnt-by: YANDEX-MNT
created: 2007-03-15T11:01:41Z
last-modified: 2007-03-15T11:01:41Z
source: RIPE

IOC Journey

medium
First detected 2 years ago · Last seen 24 days ago
Appeared in 6 threat reports