IOCs 23_7_2021

| # | File Name | Created process | Connected (IP/DNS) | MD5 | SHA256 | Family |
|---|-----------|-----------------|--------------------|-----|--------|--------|
| 1 | Nouveau Archive WinRAR ZIP.zip | DDOS TOOL.exe | soso06200[.]ddns[.]net | d96a6a38851372804b9f2febf33877eb | adaf8eb8ebf4c8525a3a28764c3357fb8880f99533da70046ea19541e701bb9c | njRAT |
| 2 | Payment_invoice.exe | Payment_invoice.exe | www[.]illoftapartments[.]com/uecu/?Ann=oJdtyL0XR&GzvH=I+cFmvzt/Y7dQ6jmlNevYzRyUOJqDj5Yxiy0V7+6dDmvrES4qeJlFS+b0k7Qr1tQA2i47Q== | 46adaf09ad9e9d730647b01cac8f53e6 | 739caabaad723c9cf69c0381bffd77d7c7cf372408dc8970a073c3acdce5c355 | Formbook |
| 3 | Documents pdf.exe | Documents pdf.exe | www[.]actymall[.]com/hth0/?tzsDXFa=+LPw8eJe0DD7oa0wpcpbLyMxnX3qjSwFbuqCFsRR0a/Gbd4L7xcTLqIqgQCJLgj9F9W0Tg==&3f6=ml1DU | 027d8e07155bc564f7b522183018efe6 | 90e7c97ea4917a6efb5c0a69bd6f481b1a5023d6f8ad0f22d123c417edff8a68 | Formbook |
| 4 | 35cac0b2dfd8dda82dd6b4357549c37b64f8f73a69a02438521a825a5583b455.exe | 35cac0b2dfd8dda82dd6b4357549c37b64f8f73a69a02438521a825a5583b455.exe | justinalwhitedd554[.]duckdns[.]org | b2b789b7ad5228687ce60e40230bd941 | 35cac0b2dfd8dda82dd6b4357549c37b64f8f73a69a02438521a825a5583b455 | Nanocore |
| 5 | SecuriteInfo.com.W32.AIDetect.malware1.4558.11240 | SecuriteInfo.com.W32.AIDetect.malware1.4558.11240.exe | Telete[.]in | 377898663057c1c9a2276ae99b0f82cc | 37137c97a81252bf7a3653ca231b1ac8653d99d6df4d24597f1a09eaefd3072b | Raccoon |
| 6 | MZ5sklmkukwpvI2.exe | MZ5sklmkukwpvI2.exe | Luoslasco[.]xyz | 1e45c46fa926aa0273e89705eb0e94b4 | 57b23b219f96cf5a00224f0903d43416a529435d05037893d591937eea93cb0c | Lokibot |
| 7 | RFQ-32986.exe | RFQ-32986.exe | Irkark[.]xyz | 528c56717b32a20c42b98eaf3f26cff5 | 259a1e3d537f6e61c1683fe558a87e48da3ec44420cc0285da89c88bbf45375b | Vidar |
| 8 | Sate_PI_2021-7-23.xlsx | Sate_PI_2021-7-23.exe | Smtp[.]ccsp-india[.]com | d8e4f8c5d7a73b795d681aeaa027330b | 7ce3d708d5c0f0a609925844b753554fc6d0e7118346c2b1061eeb4ccc7df17b | AgentTesla |
| 9 | c914230cb5359285dab0aa8946d183b50a3bf931719b49caea689279a0857e72.zip | c914230cb5359285dab0aa8946d183b50a3bf931719b49caea689279a0857e72.exe | Smtp[.]shakurjay[.]com | b89253f6d2b963c32ab7125a62a62ad3 | a8c5d6cd86f31937ec391167078b32716bd0b5ba6c9201314146594adab4d6bf | AgentTesla |
| 10 | b1954d6c1f249601ce6c562f6258ab29.exe | b1954d6c1f249601ce6c562f6258ab29.exe | Ghjklhgteg[.]strangled[.]net | b1954d6c1f249601ce6c562f6258ab29 | f6b969be87ff04be7afa8ebb789d8867356700537c3ca7cc8f64d2a587c0c0d6 | Ave Maria |
| 11 | dependencies.exe | dependencies.exe | Needforrat[.]hopto[.]org | 3a1db70b49e9be3303890cb7855f2296 | 3ffbccaf9efde195e47803fbeefbeea8daa46b8befe87b7781434c50b79d613b | Netwire |
| 12 | 0722_3614470461.xls | 0722_3614470461.exe | Tholeferli[.]com, pospvisis[.]com | e034a9922b81fc32fdfb65eecec94007 | f43aab9043c531a3311cbcc911d5093e1dbc1f8ba82eb94e5f85f2570aa26319 | Hancitor |
| 13 | WindowsUpdate.exe | WindowsUpdate.exe | Dontreachme[.]duckdns[.]org | 66c9847b56ba09eef76c30ec99e7c890 | dee54a9636b698706ba16a04dd1b801227e9caba2db71f61a5bb064b7cf9beaa | Revenge |
| 14 | sample4.bin | sample4.exe | gegemony4you[.]top | 5009b8bcf024704c8b23e42c492f118c | 30f099660904079afcd445409cfd2eca735fab49dda522f03ed60d47f9f21bdc | IcedID |

If you want to learn malware analysis, you can check my YouTube channel. I'm trying to publish analyses of malware and some methods for analyzing malware.
Please don't forget to subscribe to my channel. Thank you ♥

YouTube channel 
https://www.youtube.com/channel/UCParXHaBXBmqRdHuVUg21pA
