IP address 62.149.128.157 (mxd8.aruba.it)

No activities identified yet

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsTypeConfidence
162.149.128.42imaps.aruba.itEmotetverifiedHigh
262.149.128.45redirect.aruba.itLokibotverifiedHigh
362.149.128.72mxd4.aruba.itUnknownverifiedHigh
4XX.XXX.XXX.XXxxxx.xxxxx.xxXxxxxverifiedHigh
5XX.XXX.XXX.XXXxxxx.xxxxx.xxXxxxxverifiedHigh
6XX.XXX.XXX.XXXxxxx.xxxxx.xxXxxxxxxverifiedHigh
7XX.XXX.XXX.XXXxxxx.xxxxx.xxXxxxxverifiedHigh
8XX.XXX.XXX.XXXxxxx.xxxxx.xxXxxxxverifiedHigh
9XX.XXX.XXX.XXXxxxx.xxxxx.xxXxxxxverifiedHigh
10XX.XXX.XXX.XXXxxxx.xxxxx.xxXxxxxverifiedHigh
11XX.XXX.XXX.XXXxxxxx.xxxxx.xxXxxxxxverifiedHigh
12XX.XXX.XXX.XXXxxxxx.xxxxx.xxXxxxxxverifiedHigh
13XX.XXX.XXX.XXXxxxxxx.xxxxx.xxXxxxxxverifiedHigh

References (7)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!