Malware/Phishing links

IOC Table
total 44

Italian DHL-Themed Phishing leads to Ursnif, Spambot - PhishMe

IOC Table
total 15

Vulnerability Note VU#940439 - Quagga bgpd is affected by multiple vulnerabilities

IOC Table
total 9
type value
CVE CVE-2018-5379
CVE CVE-2018-5378
CVE CVE-2018-5380
CVE CVE-2018-5381
hostname cwe.mitre.org
URL http://cwe.mitre.org/data/definitions/125.html
URL http://cwe.mitre.org/data/definitions/415.html
URL http://cwe.mitre.org/data/definitions/228.html
URL http://cwe.mitre.org/data/definitions/119.html

Buffer Overflow HoneyPot data 16/02/18

IOC Table
total 20
type value
CVE CVE-2001-1250
CVE CVE-2002-1003
CVE CVE-2000-0571
CVE CVE-2003-0833
CVE CVE-2006-1652
CVE CVE-2005-1173
CVE CVE-2001-0836
CVE CVE-2000-0065
CVE CVE-2002-1212
CVE CVE-2002-1905
CVE CVE-2003-0125
CVE CVE-2002-1120
CVE CVE-2000-0641
CVE CVE-2004-2299
CVE CVE-2002-1012
CVE CVE-2002-1011
CVE CVE-2000-0002
IPv4 60.191.66.226
IPv4 221.229.166.130
IPv4 121.151.214.243

AndroRAT

IOC Table
total 12
type value
CVE CVE-2014-3153
CVE CVE-2015-1805
CVE CVE-2016-0805
CVE CVE-2016-0819
CVE CVE-2015-3636
CVE CVE-2017-5689
CVE CVE-2017-0780

Vulnerabilities in Apache CouchDB Open the Door to Monero Miners

IOC Table
total 75

Targeting of Olympic Games IT Infrastructure Remains Unattributed

Ransom.ShurL0ckr

IOC Table
total 6