IOC Radar
IP · Medium · Signal 42/100

82.65.122.176

Location: France (Lion-sur-Mer, Hauts-de-France)
ASN: AS12322 (ProXad network / Free SA)
First Seen: Feb 16, 2025 (489d ago)
Last Seen: Apr 1, 2026 (81d ago)
Reports: 9 source reports
Confidence: 42% (medium)
VirusTotal: 10/91 detections
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address: Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 42%
Signal Score: 42 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

27 techniques

Network Information

Country: FR (France)
Region: Lion-sur-Mer, Hauts-de-France
ASN: AS12322
Organization: ProXad network / Free SA

Feed Intelligence Summary

Source reports: 9
Confidence score: 42%
Category tags
abuseactive scanahmythapkarmasyncratbackdoorbad reputationbitbucketbotnetbotnet activitybotnetdomaincensyscobaltstrikecoinminercommand and controlcryptocurrencyctadata encryptiondata exfiltrationdata store exposureddosddos attacksdistributed attacksdlldropped-by-amadeyelfencryptioneuropeexeexecutable fileexploitation activityextortionfrfrancegafgythajimehavochijackloaderindicatorinfostealerinjection activityinternet of thingsiot botnetiot securityiot/ics attackjava-bytecodekaijil3monloaderlummastealermachomalicious softwaremalwaremeduzastealermeterpretermipsmirai botnetmobile threatmozimultiratnetworkopendirparaguaypdfpinkprocess injectionps1qbotransomwareratredlinestealerremote accessresearchedsaint helena, ascension and tristan da cunhascams & fraudshellcodesliversmoke loadersshdkitstealcsystem disruptionsystembct1005t1027t1055t1059t1071t1071.001t1078t1105t1133t1189t1190t1204t1204.002t1486t1490t1496t1499.002t1499.003t1547t1565t1566t1566.001t1583t1584t1588t1588.002t1608threat actortor nodeua-wgetvidarwsgidavxmrigxorbotzip

Activity Timeline

1 total obs (Apr 1)

Threat Activity Heatmap

Peak: 2026-04-01
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)

Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an IPv4 address 82.65.122.176, carries significant risk with a score of 42.347 and is not whitelisted, indicating its potential involvement in malicious activities. Its association with established threat actors such as SMOKY SPIDER and TA570 highlights the gravity of potential compromise, suggesting a connection to sophisticated and persistent threats. If this IOC is observed within organizational networks, it could signify various severe outcomes, including …

Threat Score: Medium Risk
Signal Score: 42
Confidence: 42%
Reports: 9
First seen: Feb 16, 2025
Last seen: Apr 1, 2026
Geolocation: FR
Country: France
Location: Lion-sur-Mer, Hauts-de-France
ASN: AS12322
Org: ProXad network / Free SA
Coords: 48.8323, 2.4075

VirusTotal

10/91 vendors flagged
11% detection rate · Jun 3, 2026

WHOIS

inetnum: 82.64.0.0 - 82.67.255.255
netname: FR-PROXAD-20030403
country: FR
org: ORG-PISP1-RIPE
admin-c: ACP23-RIPE
tech-c: TCP8-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: PROXAD-MNT
mnt-routes: PROXAD-MNT
created: 2003-04-03T09:27:48Z
last-modified: 2018-02-14T01:51:58Z
source: RIPE # Filtered

organisation: ORG-PISP1-RIPE
org-name: Free SAS
country: FR
org-type: LIR
address: 16 rue de la Ville l'Eveque
address: 75008
address: Paris
address: FRANCE
phone: +33173502000
fax-no: +33173922555
admin-c: ACP23-RIPE
admin-c: TCP8-RIPE
mnt-ref: PROXAD-MNT
mnt-ref: RIPE-NCC-HM-MNT
mnt-by: RIPE-NCC-HM-MNT
mnt-by: PROXAD-MNT
tech-c: TCP8-RIPE
remarks: Pour les requisitions judiciaires/administratives, merci de contacter par fax le 33 1 73 92 25 55
abuse-c: ACP23-RIPE
created: 2004-04-17T11:23:24Z
last-modified: 2020-12-16T12:45:25Z
source: RIPE # Filtered

role: Administrative Contact for ProXad
address: Free SAS / ProXad
address: 8, rue de la Ville L'Eveque
address: 75008 Paris
phone: +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks: trouble: Information: http://www.proxad.net/
remarks: trouble: Spam/Abuse requests: mailto:[email protected]
admin-c: APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl: ACP23-RIPE
mnt-by: PROXAD-MNT
abuse-mailbox: [email protected]
created: 2002-06-26T12:46:56Z
last-modified: 2013-08-01T12:16:00Z
source: RIPE # Filtered

role: Technical Contact for ProXad
address: Free SAS / ProXad
address: 8, rue de la Ville L'Eveque
address: 75008 Paris
phone: +33 1 73 50 20 00
fax-no: +33 1 73 92 25 69
remarks: trouble: Information: http://www.proxad.net/
remarks: trouble: Spam/Abuse requests: mailto:[email protected]
admin-c: APfP1-RIPE
tech-c: TPfP1-RIPE
nic-hdl: TCP8-RIPE
mnt-by: PROXAD-MNT
created: 2002-06-26T12:29:10Z
last-modified: 2011-06-14T09:03:07Z
source: RIPE # Filtered
abuse-mailbox: [email protected]

route: 82.64.0.0/14
descr: ProXad network / Free SA
descr: Paris, France
origin: AS12322
mnt-by: PROXAD-MNT
created: 2003-04-03T09:35:03Z
last-modified: 2003-04-03T09:35:03Z
source: RIPE # Filtered

references
https://urlhaus.abuse.ch/browse/

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 9 threat reports