IOC Radar
IP · Medium · Signal 57/100

85.192.137.28

Location
Russian Federation
Orenburg, Orenburgskaya oblast'
ASN
AS12389
OJSC VolgaTelecom Orenburg
First Seen
Feb 23, 2026 (113d ago)
Last Seen
May 30, 2026 (16d ago)
Reports
6 source reports
Confidence
57% (medium)
Found in 6 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
57%
Signal Score
57 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

7 techniques

Network Information

Country: RU, Russian Federation
Region: Orenburg, Orenburgskaya oblast'
ASN: AS12389
Organization: OJSC VolgaTelecom Orenburg

Feed Intelligence Summary

6 reports · 57% confidence
Category tags
abuse, active scan, active scanning, bad reputation, botnet, botnet activity, brute force, brute force attack, brute-force, bruteforce, credential access, credential stuffing, ddos, ddos attack, europe/asia, exploitation activity, exploited host, hacking, identity & access exploitation, indicator, malicious ip, mirai, network, password attacks, reconnaissance, researched, ru, russia, scan, scanner, smb, t1110.001, t1110.002, t1110.003, t1110.004, t1595.001, t1595.002, t1595.003, tcp

Activity Timeline

1 total obs
May 30

Threat Activity Heatmap

Peak: 2026-05-30
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Geolocation (RU)
Country: Russian Federation
Location: Orenburg, Orenburgskaya oblast'
ASN: AS12389
Org: OJSC VolgaTelecom Orenburg
Coords: 51.7727, 55.0994

VirusTotal

Not checked

WHOIS

description
Scans hitting the server at TCP port 445 SMB. Same IP should not appear more than once in 96 hours in our lists S3#.
raw
inetnum: 85.192.128.0 - 85.192.140.31
netname: ESOO-NET
descr: OJSC "VolgaTelecom" Orenburg
country: RU
admin-c: SAN11-RIPE
tech-c: SAS51-RIPE
tech-c: AO704-RIPE
status: ASSIGNED PA
mnt-by: ESOO-MNT
created: 2007-05-16T11:01:46Z
last-modified: 2007-05-16T11:01:46Z
source: RIPE # Filtered

person: Alexey Orlov
address: "VolgaTelekom", Tereshkovoi str. 10, 460000, Orenburg
phone: +7 831 4375173
fax-no: +7 3532 569843
nic-hdl: AO704-RIPE
mnt-by: ESOO-MNT
created: 2004-02-11T10:31:08Z
last-modified: 2015-06-08T13:38:56Z
source: RIPE # Filtered

person: Sergey A Nikonov
address: 10, Tereshkovoi st.,
address: Orenburg Russia 460000
phone: +7 3532 560879
fax-no: +7 3532 560063
nic-hdl: SAN11-RIPE
mnt-by: PORTAL-NOC
created: 1970-01-01T00:00:00Z
last-modified: 2001-09-21T23:55:04Z
source: RIPE # Filtered

person: Sergey A Stepanov
address: 10, Tereshkovoi st.,
address: Orenburg Russia 460000
phone: +7 3532 574419
fax-no: +7 3532 560063
nic-hdl: SAS51-RIPE
mnt-by: ESOO-MNT
created: 2002-11-29T15:20:25Z
last-modified: 2002-11-29T15:20:25Z
source: RIPE # Filtered

route: 85.192.136.0/22
descr: Orenburg branch office of VolgaTelecom company
origin: AS25008
mnt-by: ESOO-MNT
created: 2010-02-05T11:38:14Z
last-modified: 2010-02-05T11:38:14Z
source: RIPE

IOC Journey

medium
First detected 3 months ago · Last seen 16 days ago
Appeared in 6 threat reports