IOC Radar
IP · Medium · Signal 55/100

92.46.54.58

Location: Almaty, Almaty, Kazakhstan
ASN: AS9198 (AO Sert)
First Seen: Sep 12, 2024 (653d ago)
Last Seen: Jun 13, 2026 (15d ago)
Reports: 16 source reports
Confidence: 55% (medium)
Found in 16 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 55%
Signal Score: 55 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

44 techniques

Network Information

Country: Kazakhstan (KZ)
Region: Almaty, Almaty
ASN: AS9198
Organization: AO Sert

Feed Intelligence Summary

Source reports: 16
Confidence score: 55%
Category tags

Activity Timeline

1 total obs · Jun 13 to Jun 13

Threat Activity Heatmap

Peak: 2026-06-13

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 55
Confidence: 55%
Reports: 16
First seen: Sep 12, 2024
Last seen: Jun 13, 2026
Geolocation: KZ
Country: Kazakhstan
Location: Almaty, Almaty
ASN: AS9198
Org: AO Sert
Coords: 43.2380, 76.8829

VirusTotal

Not checked

WHOIS

description
Malware delivery. energy-sector honeypot. confidence 100/100. source: TSEC T-Pot honeypot network

IOC Journey

medium
First detected 1 year ago · Last seen 15 days ago
Appeared in 16 threat reports