IOC Radar
IP · Medium · Signal 51/100

78.39.182.115

Location
Iran, Islamic Republic of
Tehran, Tehran
ASN
AS58224
Iran Information Technology Company PJSC
First Seen
Aug 15, 2025 (311d ago)
Last Seen
Aug 21, 2025 (305d ago)
Reports
12 source reports
Confidence
51% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

27 techniques

Network Information

Country: IR, Iran, Islamic Republic of
Region: Tehran, Tehran
ASN: AS58224
Organization: Iran Information Technology Company PJSC

Feed Intelligence Summary

12 source reports · 51% confidence score

Category tags
active scanning, asia, attack, botnet, botnet activity detected, brute force, brute force attack, c2, c2 communication, command and control, compromised host, compromised systems, credential access, credential stuffing, data exfiltration, ddos attacks, distributed attacks, hacking, indicator, infected hosts, iran, malicious activity, malicious software, malware, malware distribution, malware-related botnet activity, network, network traffic, password attacks, process injection, reconnaissance, researched, scanner, spam bot activity, ssh attack, t1055, t1059, t1059.004, t1071, t1071.001, t1078, t1078.002, t1078.003, t1078.004, t1105, t1110.001, t1110.002, t1110.003, t1110.004, t1486, t1496, t1499.002, t1499.003, t1565, t1566, t1566.001, t1566.002, t1573, t1573.001, t1595.001, t1595.002, t1595.003, threat actor

Activity Timeline

1 total obs
Aug 21

Threat Activity Heatmap

Peak: 2025-08-21
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Threat Score: 51 (Medium Risk)
Signal Score: 51
Confidence: 51%
Reports: 12
First seen: Aug 15, 2025
Last seen: Aug 21, 2025
Geolocation: IR
Country: Iran, Islamic Republic of
Location: Tehran, Tehran
ASN: AS58224
Org: Iran Information Technology Company PJSC
Coords: 35.7373, 51.4157

VirusTotal

Not checked

WHOIS

inetnum: 78.38.0.0 - 78.39.255.255
netname: IR-DCC-20070319
country: IR
org: ORG-TCoI1-RIPE
admin-c: AA12876-RIPE
tech-c: AA12876-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: AS12880-MNT
mnt-lower: AS12880-MNT
mnt-routes: AS12880-MNT
created: 2007-03-19T10:13:26Z
last-modified: 2016-05-24T10:30:03Z
source: RIPE

organisation: ORG-TCoI1-RIPE
org-name: Iran Information Technology Company PJSC
country: IR
org-type: LIR
descr: Information Technology Organization
address: No.807, Shariati St., Qodousi St., Seydkhandan
address: 1631713931
address: Tehran
address: IRAN, ISLAMIC REPUBLIC OF
phone: +982188115928
fax-no: +982188529024
admin-c: BA3672-RIPE
admin-c: AA12876-RIPE
abuse-c: AR15624-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: AS12880-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: AS12880-MNT
created: 2004-04-17T11:28:07Z
last-modified: 2025-04-07T14:32:43Z
source: RIPE # Filtered

person: Aliasghar Ansari
address: Afagh Bldg.,No. 20, Beyhaghi Blvd., Arzhantin Sq.,Tehran, Iran
phone: +98 21 848 026 66
fax-no: +98 21 848 026 70
nic-hdl: AA12876-RIPE
mnt-by: AS12880-MNT
created: 2012-08-04T10:19:05Z
last-modified: 2018-12-24T09:58:10Z
source: RIPE # Filtered

route: 78.39.182.0/24
origin: AS58224
mnt-by: TCI-RIPE-MNT
created: 2024-10-06T07:52:22Z
last-modified: 2024-10-06T07:52:22Z
source: RIPE

IOC Journey

medium
First detected 10 months ago · Last seen 10 months ago
Appeared in 12 threat reports