IP · Medium · Signal 43/100
82.156.145.216
Location
Beijing, Beijing
ASN
AS45090
Tencent Cloud Computing (Beijing) Co., Ltd
First Seen
Feb 27, 2025
Last Seen
Apr 14, 2026
Reports: 7 source reports
Confidence: 43% (medium)
VirusTotal: 7/91 detections
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
43%
Signal Score
43 / 100
IDS Rule
No
Network Information
Country
China
Region
Beijing, Beijing
ASN
AS45090
Organization
Tencent Cloud Computing (Beijing) Co., Ltd
Feed Intelligence Summary
Source reports: 7
Confidence score: 43%
Category tags
active scan, active scanning, apac, apac region, appdata, apt, asia, asia-pacific, automotive manufacturing, bad reputation, botnet, botnet activity, brute force, brute_force, building construction, cdn exploitation, cert, china, civil services, cloud service abuse, code execution, code injection, command and control, command execution, communication technologies, construction materials, construction safety, construction technology, credential access, credential harvesting, credential stuffing, credential_access, crypto cyber, cryptocurrency, cyber threat, data exfiltration, data store exposure, data theft, defence, directory, distributed attacks, dll sideloading, electronic health records, electronics manufacturing, energy, energy distribution, exfiltration, exploitation activity, fatalrat, ftp, gh0st, gh0st rat, government technology, group policy, group policy injection, hashes, health care and social assistance, health information technology, healthcare information systems, hospital management, ics, identity & access exploitation, indicator, industrial automation, industrial control systems, industrial iot, industrial organizations, industrial production, information technology, infrastructure acquisitionreconnaissance, initial access, injection activity, iot security, it infrastructure, kaspersky ics, lateral movement, malicious software, malware, manufacturing technology, medical services, mobile, mobile carriers, mobile networks, mobile security, monitoring, moudoor, mydoor, network, network probing, network reconnaissance, network security, network_reconnaissance, next, nspack, oil & gas, operation salmonslalom, patient care, persistent access, phishing, phishing attack, power generation, power systems, process injection, process manufacturing, protocol exploitation, public administration, public infrastructure, public policy, quality control, rats, reconnaissance, regulatory agencies, remote access, remote access trojan, remote services, renewable energy, researched, sandbox, scada, simay, simayrat, social engineering, software development, ssh attack, supply chain attack, supply chain management, t1003, t1012, t1016, t1021, t1021.001, t1027, t1033, t1036, t1040, t1046, t1047, t1053, t1053.005, t1055, t1056, t1056.001, t1057, t1059, t1059.001, t1064, t1068, t1070.001, t1071, t1071.001, t1076, t1078, t1082, t1083, t1102, t1105, t1110, t1110.002, t1112, t1132, t1135, t1136, t1140, t1190, t1195, t1202, t1204, t1218, t1486, t1496, t1499.002, t1499.003, t1518, t1530, t1543.003, t1547, t1548, t1553, t1555, t1563, t1564, t1565, t1566, t1566.001, t1566.002, t1566.003, t1573, t1574.002, t1587.001, t1588, t1590.001, t1595, t1595.001, t1595.002, t1595.003, t1598, telecom services, telecommunications, telnet threat, threat actor, time, tor node, ttps, turkey, turn, urls, vulnerability scan, youdao cloud, youdao cloud notes, zegost
Activity Timeline
Threat Activity Heatmap
Peak: 2026-04-14
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 43
Confidence: 43%
Reports: 7
First seen: Feb 27, 2025
Last seen: Apr 14, 2026
Geolocation: CN
Country: China
Location: Beijing, Beijing
ASN: AS45090
Org: Tencent Cloud Computing (Beijing) Co., Ltd
Coords: 34.7732, 113.7220
WHOIS
- description
- CC=CN ASN=AS45090 shenzhen tencent computer systems company limited
- raw
- inetnum: 82.156.0.0 - 82.157.255.255
  netname: TENCENT-CN
  descr: Tencent Cloud Computing (Beijing) Co., Ltd
  descr: Floor 6, Yinke Building, 38 Haidian St, Haidian District
  country: CN
  org: ORG-TCCC1-AP
  admin-c: TCA15-AP
  tech-c: TCA15-AP
  abuse-c: AT992-AP
  status: ALLOCATED PORTABLE
  remarks: --------------------------------------------------------
  remarks: To report network abuse, please contact mnt-irt
  remarks: For troubleshooting, please contact tech-c and admin-c
  remarks: Report invalid contact via www.apnic.net/invalidcontact
  remarks: --------------------------------------------------------
  mnt-by: APNIC-HM
  mnt-lower: MAINT-TENCENT-CN
  mnt-routes: MAINT-TENCENT-CN
  mnt-irt: IRT-TENCENT-CN
  last-modified: 2020-07-22T13:10:57Z
  source: APNIC

  irt: IRT-TENCENT-CN
  address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
  e-mail: [email protected]
  abuse-mailbox: [email protected]
  admin-c: TCA15-AP
  tech-c: TCA15-AP
  auth: # Filtered
  remarks: [email protected] was validated on 2025-03-07
  mnt-by: MAINT-COMSENZ1-CN
  last-modified: 2025-03-07T07:43:08Z
  source: APNIC

  organisation: ORG-TCCC1-AP
  org-name: Tencent Cloud Computing (Beijing) Co., Ltd
  org-type: LIR
  country: CN
  address: 309 West Zone, 3F. 49 Zhichun Road. Haidian District.
  phone: +86-10-62671299
  fax-no: +86-10-82602088-41299
  e-mail: [email protected]
  mnt-ref: APNIC-HM
  mnt-by: APNIC-HM
  last-modified: 2023-09-05T02:16:21Z
  source: APNIC

  role: ABUSE TENCENTCN
  country: ZZ
  address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
  phone: +000000000
  e-mail: [email protected]
  admin-c: TCA15-AP
  tech-c: TCA15-AP
  nic-hdl: AT992-AP
  remarks: Generated from irt object IRT-TENCENT-CN
  remarks: [email protected] was validated on 2025-03-07
  abuse-mailbox: [email protected]
  mnt-by: APNIC-ABUSE
  last-modified: 2025-03-07T07:43:37Z
  source: APNIC

  role: Tencent Cloud administrator
  address: Floor 6, Yinke Building, 38 Haidian St, Haidian District, Beijing Beijing 100080
  country: CN
  phone: +86-10-62671299
  e-mail: [email protected]
  admin-c: TCA15-AP
  tech-c: TCA15-AP
  nic-hdl: TCA15-AP
  mnt-by: MAINT-AP-DIALPAD
  fax-no: +86-10-62671299
  last-modified: 2017-04-04T10:34:03Z
  source: APNIC

  route: 82.156.0.0/15
  origin: AS45090
  descr: Tencent Cloud Computing (Beijing) Co., Ltd 309 West Zone, 3F. 49 Zhichun Road. Haidian District.
  mnt-by: MAINT-TENCENT-CN
  last-modified: 2020-02-24T07:34:42Z
  source: APNIC
- references
- https://ics-cert.kaspersky.com/publications/reports/2025/02/24/fatalrat-attacks-in-apac-backdoor-delivered-via-an-overly-long-infection-chain-to-chinese-speaking-targets/
IOC Journey
medium · First detected 1 year ago · Last seen 1 month ago
Appeared in 7 threat reports