IntrusionLabs / threat intelligence

Sign in

← Back to feed

48.217.107.113

Threat Confidence

36%

Location

🇺🇸 US / Washington

ASN

AS8075 · Microsoft Corporation

Cloud Provider

Microsoft Azure

Total Events

53

Average by volume

Agent Count

1

First / Last Seen

2026-04-08 18:22 — 2026-04-08 20:11

Attack Types

ssh:bruteforce

MITRE ATT&CK Techniques

Initial Access

T1078

Credential Access

T1110 T1110.001 T1552.003

Discovery

T1016 T1082

External Corroboration

Not flagged by any external feeds

Campaigns

Not associated with any campaigns

Session Forensics

reconnaissance ×6 credential_harvester ×1

Sessions

7 (6 with login)

Avg Depth Score

0.56

Commands Executed

6

Files Downloaded

0

Notable Commands

hostname
pwd
history | tail -5
uname -a

Fingerprints

HASSH

16443846184eafde36765c9bab2f4397

SSH Client

SSH-2.0-Go

Evidence Timeline

Reconnaissance be6d9561746f w4m_seattle_01 · 2026-04-08 20:11

1 1 60%

Loading events...

Reconnaissance e99691dc6461 w4m_seattle_01 · 2026-04-08 20:02

1 1 60%

Loading events...

Reconnaissance eae0e9999ceb w4m_seattle_01 · 2026-04-08 19:54

1 1 60%

Loading events...

Credential Harvester 580a95b95903 w4m_seattle_01 · 2026-04-08 19:37

1 35%

Loading events...

Reconnaissance c5a5e8981844 w4m_seattle_01 · 2026-04-08 19:06

1 1 60%

Loading events...

Reconnaissance f72319fc0a0c w4m_seattle_01 · 2026-04-08 18:28

1 1 60%

Loading events...

Reconnaissance 7de7b06ae7ca w4m_seattle_01 · 2026-04-08 18:22

1 1 60%

Loading events...