IOC Radar
IP · Medium · Signal 32/100

78.38.41.89

Location
Iran, Islamic Republic of
Rasht, Gilan Province
ASN
AS58224
Guilan Telecommunication Company
First Seen
Feb 11, 2024 (852d ago)
Last Seen
Apr 22, 2026 (51d ago)
Reports
8 source reports
Confidence
32% (medium)
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
32%
Signal Score
32 / 100
IDS Rule
No

MITRE ATT&CK TTPs

34 techniques

Network Information

Country: IR (Iran, Islamic Republic of)
Region: Rasht, Gilan Province
ASN: AS58224
Organization: Guilan Telecommunication Company

Feed Intelligence Summary

8 source reports · 32% confidence score
Category tags
abuse · active scan · active scanning · asia · bad reputation · botnet · botnet activity · brute force · brute force attack · command and control · credential access · credential harvesting · credential stuffing · data exfiltration · data store expose · ddos · denial of service · distributed attacks · exploit attempts · exploitation activity · ftp brute force · http brute force · identity & access exploitation · indicator · infrastructure acquisitionreconnaissance · injection activity · ir · iran · iran, islamic republic of · lateral movement · malicious software · malware · malware propagation · malware scanning · manual · network · network probing · network scanning · password attacks · phishing · phishing attack · process injection · reconnaissance · remote access · remote services · researched · scanner · smtp brute force · social engineering · sql injection attempts · ssh attack · t1021 · t1021.001 · t1046 · t1055 · t1059 · t1071.001 · t1076 · t1078 · t1110 · t1110.001 · t1110.002 · t1110.003 · t1110.004 · t1133 · t1187 · t1190 · t1199 · t1210 · t1486 · t1496 · t1499.002 · t1499.003 · t1563 · t1565 · t1566.001 · t1566.002 · t1566.003 · t1587.001 · t1588 · t1590.001 · t1595 · t1595.001 · t1595.002 · t1595.003 · targeting database

Activity Timeline

1 total obs
Apr 22

Threat Activity Heatmap

Peak: 2026-04-22
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 32
Confidence: 32%
Reports: 8
First seen: Feb 11, 2024
Last seen: Apr 22, 2026
Geolocation: IR
Country: Iran, Islamic Republic of
Location: Rasht, Gilan Province
ASN: AS58224
Org: Guilan Telecommunication Company
Coords: 35.6980, 51.4115

VirusTotal

Not checked

WHOIS

raw
inetnum: 78.38.40.0 - 78.38.41.255
netname: GILTEL
descr: Guilan Telecommunication Company
country: IR
admin-c: MAF119-RIPE
tech-c: MAF119-RIPE
status: ASSIGNED PA
mnt-by: AS12880-MNT
created: 2008-03-24T07:06:52Z
last-modified: 2012-11-21T10:11:53Z
source: RIPE

person: Mehrdad Adabi Fard
address: Golsar sq., Rasht,Guilan ,Iran
phone: +98 131 724 24 18
fax-no: +98 131 724 24 18
nic-hdl: MAF119-RIPE
mnt-by: AS12880-MNT
created: 2012-11-21T10:11:52Z
last-modified: 2012-11-21T10:11:52Z
source: RIPE # Filtered

route: 78.38.40.0/23
origin: AS58224
mnt-by: TCI-RIPE-MNT
created: 2017-09-10T11:15:25Z
last-modified: 2017-11-13T08:12:26Z
source: RIPE

IOC Journey

medium
First detected 2 years ago · Last seen 1 month ago
Appeared in 8 threat reports