IntrusionLabs / threat intelligence

Sign in

← Back to feed

118.194.249.186

TAGGED MALICIOUS how we decide →

Threat Confidence

36%

Location

🇰🇷 KR / Seoul

ASN

AS135377 · UCLOUD INFORMATION TECHNOLOGY HK LIMITED

Cloud Provider

—

Total Events

18

Average by volume

Agent Count

1

First / Last Seen

2026-04-28 10:45 — 2026-05-26 14:55

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Initial Access

T1078

Credential Access

T1110 T1110.001

Exfiltration

T1048

External Corroboration

Not flagged by any external feeds

Campaigns

AS135377 UCLOUD INFORMATION TECHNOLOGY HK LIMITED ASN Active medium 🇭🇰 HK

52 IPs 21916 events

ftp:bruteforcehttp:scanmysql:bruteforcessh:bruteforce

2026-02-18 — ongoing · 52 IPs from the same network (UCLOUD INFORMATION TECHNOLOGY HK LIMITED, AS135377) were active during overlapping time periods. …

Session Forensics

data_exfiltrator ×3

Sessions

3 (3 with login)

Avg Depth Score

0.9

Commands Executed

0

Files Downloaded

0

Fingerprints

HASSH

98ddc5604ef6a1006a2b49a58759fbe6

SSH Client

SSH-2.0-Go

Evidence Timeline

Data Exfiltrator d90cdd9c108b w4m_seattle_01 · 2026-05-26 14:54

1 90%

Loading events...

Data Exfiltrator 3d91e17f06e2 w4m_seattle_01 · 2026-05-17 04:28

1 90%

Loading events...

Data Exfiltrator dc9901ba2e12 w4m_seattle_01 · 2026-04-28 10:45

1 90%

Loading events...