Overview - Attributes

Details Type #Events CTI Value
Details Yara rule 1
rule electricfish {
	meta:
		Author = "CISA trusted 3rd party"
		Incident = "10135536"
		Date = "2019-08-14"
		Category = "Hidden_Cobra"
		Family = "ELECTRICFISH"
		Description = "Detects logging functionality"
		MD5_1 = "0ba6bb2ad05d86207b5303657e3f6874"
		SHA256_1 = "7cf5d86cc75cd8f0e22e35213a9c051b740bd4667d9879a446f06277782bffd1"
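	strings:
		// Log-related strings; left anonymous because the condition only uses "all of them"
		$ = "LLgcIP"
		$ = "CCGC_LOG"
		$ = "LLGC_LOG"
	condition:
		// "MZ" magic at offset 0, "PE" signature at the offset stored at 0x3c (e_lfanew), and every string present
		uint16(0) == 0x5a4d and uint16(uint32(0x3c)) == 0x4550 and all of them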
}