Common Information
Type | Value |
---|---|
Value |
// Machine-generated image rule (author meta: "Halogen Generated Rule"), tagged
// `maldoc` and `image`. It fires when a scanned file contains any one of seven
// byte sequences, each being the first 86 bytes of a PNG: the 8-byte PNG
// signature, the IHDR chunk, whatever ancillary chunks follow (sRGB, gAMA,
// bKGD, pHYs) and, in all but one string, the start of the IDAT data.
//
// Reading the strings: the PNG signature and the IHDR length/type are the same
// in every PNG, so they add no specificity. What distinguishes each pattern is
// the image dimensions and colour type, the ancillary chunk values, the IDAT
// length and the few compressed bytes that fit in the prefix.
//
// NOTE(review): the patterns are not anchored to an offset or a container
// type, and the condition needs only a single hit. A match means "this exact
// image prefix is present", not "this file is malicious" - presumably best
// used for hunting and clustering until checked against a benign corpus.
rule halo_generated_a9b32fad32b4afb8cb3330c189fd7c87 : maldoc image
{
    meta:
        tlp = "amber"
        author = "Halogen Generated Rule"
        date = "2020-11-18"
        // A list of five hashes serialised into one string; tooling that
        // expects a single hash in `md5` has to parse this value first.
        md5 = "['28ab3d552d6f795378f9e6bb692c4f5f', 'afbdecbc6c7c5fc32ec922c2960b172b', '1c2b1d2d121683a9597ae8cf17763958', '7f7aad6745acc211a264bbc1350aed89', 'a9b32fad32b4afb8cb3330c189fd7c87']"
        // NOTE(review): "malware family" and the empty `intel` list read like
        // unfilled generator defaults - no family attribution is given here.
        family = "malware family"
        // Records the generator's input directory, not a sample file name.
        filename = "Directory: ../../scratchpad/use-cases/images/"
        scope = "['detection', 'collection']"
        intel = "['']"

    strings:
        // 205x58, 8-bit RGB; sRGB + pHYs chunks; IDAT length 0x2012, then 11 data bytes.
        $png_img_value_0 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 00 CD 00 00 00 3A 08 02 00 00 00 9C 49 4A 9F 00 00 00 01 73 52 47 42 00 AE CE 1C E9 00 00 00 09 70 48 59 73 00 00 0E C4 00 00 0E C4 01 95 2B 0E 1B 00 00 20 12 49 44 41 54 78 5E ED 9D 07 5C 95 D5 1B C7 7D }

        // 24x24, 8-bit RGB; sRGB + pHYs chunks; IDAT length 0x01D2.
        // Identical to $png_img_value_2 up to the IDAT length field, so only the
        // last 13 bytes separate the two icon-sized images.
        $png_img_value_1 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 00 18 00 00 00 18 08 02 00 00 00 6F 15 AA AF 00 00 00 01 73 52 47 42 00 AE CE 1C E9 00 00 00 09 70 48 59 73 00 00 0E C4 00 00 0E C4 01 95 2B 0E 1B 00 00 01 D2 49 44 41 54 38 4F 63 FC FF FF FF B7 EF BF E6 }

        // 24x24, 8-bit RGB; sRGB + pHYs chunks; IDAT length 0x02F5.
        $png_img_value_2 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 00 18 00 00 00 18 08 02 00 00 00 6F 15 AA AF 00 00 00 01 73 52 47 42 00 AE CE 1C E9 00 00 00 09 70 48 59 73 00 00 0E C4 00 00 0E C4 01 95 2B 0E 1B 00 00 02 F5 49 44 41 54 38 4F 9D 54 5D 48 14 51 14 9E 3B }

        // 1365x637, 8-bit RGB; bKGD + pHYs chunks; IDAT length 0x8000, then 6 data bytes.
        $png_img_value_3 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 05 55 00 00 02 7D 08 02 00 00 00 BA A0 05 3D 00 00 00 06 62 4B 47 44 00 FF 00 FF 00 FF A0 BD A7 93 00 00 00 09 70 48 59 73 00 00 0E C3 00 00 0E C3 01 C7 6F A8 64 00 00 80 00 49 44 41 54 78 01 04 C1 3D 8E }

        // 735x347, 8-bit RGB; sRGB chunk only; IDAT length 0xFFCA, then 32 data bytes.
        $png_img_value_4 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 02 DF 00 00 01 5B 08 02 00 00 00 82 A1 75 C0 00 00 00 01 73 52 47 42 00 AE CE 1C E9 00 00 FF CA 49 44 41 54 78 5E EC FD 77 97 1C C7 96 DE 0B 67 65 96 AF F6 DD E8 86 37 04 08 02 84 A1 3D 76 66 CE 68 AC E6 }

        // 851x252, 8-bit RGBA; sRGB + gAMA + pHYs chunks. The pattern stops three
        // bytes into the next chunk's length field, so it holds no image data at
        // all: it matches on dimensions and encoder metadata only.
        // NOTE(review): likely the least specific string in the set - confirm.
        $png_img_value_5 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 03 53 00 00 00 FC 08 06 00 00 00 92 1A FE 3A 00 00 00 01 73 52 47 42 00 AE CE 1C E9 00 00 00 04 67 41 4D 41 00 00 B1 8F 0B FC 61 05 00 00 00 09 70 48 59 73 00 00 0E C2 00 00 0E C2 01 15 28 4A 80 00 00 94 }

        // 622x300, 8-bit RGB; bKGD chunk only; IDAT length 0x8000, then 27 data bytes.
        $png_img_value_6 = { 89 50 4E 47 0D 0A 1A 0A 00 00 00 0D 49 48 44 52 00 00 02 6E 00 00 01 2C 08 02 00 00 00 F5 B2 A8 BE 00 00 00 06 62 4B 47 44 00 FF 00 FF 00 FF A0 BD A7 93 00 00 80 00 49 44 41 54 78 DA EC FD F7 77 5B C7 96 3F 0A BE 7F 64 7E 98 79 6F DE 74 B8 D7 B6 98 90 33 98 }

    condition:
        // One matching image prefix anywhere in the scanned data is enough.
        any of them
}
Category | |
Type | Yara Rule |
Misp Type | |
Description |