IntrusionLabs IntrusionLabs
← Back to feed

27.79.46.25

TAGGED SUSPICIOUS how we decide →
Threat Confidence
42%
Location
🇻🇳 VN / Da Nang
ASN
AS7552 · Viettel Group
Cloud Provider
Total Events
63
Average by volume
Agent Count
1
First / Last Seen
2026-05-28 23:35 — 2026-05-29 00:20
Attack Types
ssh:bruteforce
MITRE ATT&CK Techniques
Reconnaissance
T1595.002
Initial Access
T1078
Credential Access
T1110 T1110.001
Command and Control
T1090 T1572
External Corroboration
Not flagged by any external feeds
Campaigns
AS7552 Viettel Group ASN Active medium 🇻🇳 VN
23 IPs 5265 events
ssh:bruteforce
2026-02-16 — ongoing · 23 IPs from the same network (Viettel Group, AS7552) were active during overlapping time periods. Temporal correlation across …
Session Forensics
proxy_abuser ×1 credential_probe ×10 opportunistic_bruter ×1
Sessions
12 (2 with login)
Avg Depth Score
0.28
Commands Executed
0
Files Downloaded
0
Fingerprints
HASSH
fda360b1b4f4d3455cb75c6e7edb1d11
SSH Client
SSH-2.0-AsyncSSH_2.1.0
Evidence Timeline
Credential Probe f51c6deee05f w4m_seattle_01 · 2026-05-29 00:20
1 20%
Loading events...
Credential Probe 651d3fcc4485 w4m_seattle_01 · 2026-05-29 00:16
1 20%
Loading events...
Credential Probe 9b40d671586e w4m_seattle_01 · 2026-05-29 00:12
1 20%
Loading events...
Opportunistic Bruter e4faccd3d8f7 w4m_seattle_01 · 2026-05-29 00:06
1 50%
Loading events...
Credential Probe 594df4884706 w4m_seattle_01 · 2026-05-29 00:08
1 20%
Loading events...
Credential Probe dacb91b34ba5 w4m_seattle_01 · 2026-05-28 23:57
1 20%
Loading events...
Credential Probe cac17a745065 w4m_seattle_01 · 2026-05-28 23:50
1 20%
Loading events...
Credential Probe 378ca1390237 w4m_seattle_01 · 2026-05-28 23:48
1 20%
Loading events...
Credential Probe 24bb750c3f34 w4m_seattle_01 · 2026-05-28 23:46
1 20%
Loading events...
Credential Probe 1e69a942cc3b w4m_seattle_01 · 2026-05-28 23:42
1 20%
Loading events...
Proxy Abuser 821cbfc6f2c0 w4m_seattle_01 · 2026-05-28 23:38
1 85%
Loading events...
Credential Probe 1ed6f4bad2f2 w4m_seattle_01 · 2026-05-28 23:35
1 20%
Loading events...