IntrusionLabs IntrusionLabs
← Back to feed

171.231.199.243

Threat Confidence
43%
Location
🇻🇳 VN / Da Nang
ASN
AS7552 · Viettel Group
Cloud Provider
Total Events
69
Above average by volume
Agent Count
1
First / Last Seen
2026-04-10 09:56 — 2026-04-10 10:29
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Credential Access
T1110 T1110.001
Command and Control
T1090 T1572
External Corroboration
Not flagged by any external feeds
Campaigns
AS7552 Viettel Group ASN Active medium 🇻🇳 VN
15 IPs 2602 events
ssh:bruteforce
2026-02-16 — ongoing · 15 IPs from the same network (Viettel Group, AS7552) were active during overlapping time periods. Temporal correlation across …
Session Forensics
proxy_abuser ×3 credential_harvester ×9
Sessions
12 (3 with login)
Avg Depth Score
0.47
Commands Executed
0
Files Downloaded
0
Fingerprints
HASSH
fda360b1b4f4d3455cb75c6e7edb1d11
SSH Client
SSH-2.0-AsyncSSH_2.1.0
Evidence Timeline
Credential Harvester bf3a29cc1a5a w4m_seattle_01 · 2026-04-10 10:29
1 35%
Loading events...
Credential Harvester e7fab82731ff w4m_seattle_01 · 2026-04-10 10:28
1 35%
Loading events...
Credential Harvester e4c997185324 w4m_seattle_01 · 2026-04-10 10:21
1 35%
Loading events...
Credential Harvester 1608cc379294 w4m_seattle_01 · 2026-04-10 10:20
1 35%
Loading events...
Proxy Abuser fe688d9f1581 w4m_seattle_01 · 2026-04-10 10:17
1 85%
Loading events...
Credential Harvester 67d1bb4f09a5 w4m_seattle_01 · 2026-04-10 10:12
1 35%
Loading events...
Proxy Abuser 3d2ebd0162d7 w4m_seattle_01 · 2026-04-10 10:11
1 85%
Loading events...
Credential Harvester 25944a749cf3 w4m_seattle_01 · 2026-04-10 10:05
1 35%
Loading events...
Credential Harvester 979b7812fe9f w4m_seattle_01 · 2026-04-10 10:02
1 35%
Loading events...
Credential Harvester e65c155cb3db w4m_seattle_01 · 2026-04-10 10:01
1 35%
Loading events...
Credential Harvester dfad6423d625 w4m_seattle_01 · 2026-04-10 09:56
1 35%
Loading events...
Proxy Abuser bf0ea0951591 w4m_seattle_01 · 2026-04-10 09:56
1 85%
Loading events...