IntrusionLabs / threat intelligence

Sign in

← Back to feed

168.228.50.201

TAGGED MALICIOUS how we decide →

Threat Confidence

53%

Location

🇨🇷 CR / Quesada

ASN

AS262145 · Cooperativa de Electrificacion Rural de San Carlos R.L. Coopelesca R.L.

Cloud Provider

—

Total Events

62

Average by volume

Agent Count

1

First / Last Seen

2026-04-23 22:13 — 2026-04-30 04:08

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Reconnaissance

T1595 T1595.002

Initial Access

T1078

Execution

T1059.004

Credential Access

T1110 T1110.001

Discovery

T1046 T1083

External Corroboration

Blocklist.de

Reported 2026-04-30 05:01

blocklist_de:reported

Campaigns

Not associated with any campaigns

Session Forensics

scanner ×1 credential_probe ×1 interactive_operator ×4

Sessions

6 (4 with login)

Avg Depth Score

0.66

Commands Executed

30

Files Downloaded

0

Notable Commands

?
?
CMD:
cd ~
ls
> a6s87d6as8zdgtdyas.ini
exit

Fingerprints

HASSH

748f8c627d3f8ff9921d02f86f55ba2c

SSH Client

SSH-2.0-Renci.SshNet.SshClient.0.0.1

Evidence Timeline

Interactive Operator 896862c79b77 w4m_seattle_01 · 2026-04-30 04:08

6 1 90%

Loading events...

Interactive Operator 7ceb301da1fc w4m_seattle_01 · 2026-04-30 04:07

9 1 90%

Loading events...

Credential Probe b5325ca42230 w4m_seattle_01 · 2026-04-29 12:40

1 20%

Loading events...

Scanner f3212a2f2467 w4m_seattle_01 · 2026-04-29 12:40

15%

Loading events...

Interactive Operator 6f93b9fd9aa4 w4m_seattle_01 · 2026-04-23 22:13

6 1 90%

Loading events...

Interactive Operator f3a2744153c4 w4m_seattle_01 · 2026-04-23 22:13

9 1 90%

Loading events...