Brute Ratel C4
Common Information
Type Value
UUID 1e074003-8af8-484e-b848-18e161e745e0
Fingerprint 6f0499c097e38fcd2183234ed57e60b763a357af172ce729af316755d911b315
Analysis status DONE
Considered CTI value 2
Text language
Published June 12, 2023, 4:17 p.m.
Added to db Oct. 18, 2024, 5 p.m.
Last updated Oct. 18, 2024, 5:02 p.m.
Headline Brute Ratel C4
Title Brute Ratel C4
Detected Hints/Tags/Attributes 111/4/63
Attributes
Details Type #Events CTI Value
Details Domain 42
quorumcyber.com
Details Domain 4
polyswarm.io
Details Domain 32
paloaltonetworks.com
Details Domain 3
symantecuptimehost.com
Details File 3
vresion.dll
Details MITRE ATT&CK Techniques 59
T1588.002
Details MITRE ATT&CK Techniques 310
T1566.001
Details MITRE ATT&CK Techniques 420
T1204
Details MITRE ATT&CK Techniques 440
T1055
Details MITRE ATT&CK Techniques 59
T1055.001
Details MITRE ATT&CK Techniques 627
T1027
Details MITRE ATT&CK Techniques 57
T1036.004
Details MITRE ATT&CK Techniques 183
T1036.005
Details MITRE ATT&CK Techniques 504
T1140
Details MITRE ATT&CK Techniques 57
T1497.003
Details MITRE ATT&CK Techniques 107
T1564
Details MITRE ATT&CK Techniques 91
T1620
Details MITRE ATT&CK Techniques 118
T1056.001
Details MITRE ATT&CK Techniques 365
T1204.002
Details MITRE ATT&CK Techniques 168
T1046
Details MITRE ATT&CK Techniques 179
T1087
Details MITRE ATT&CK Techniques 219
T1113
Details MITRE ATT&CK Techniques 25
T1104
Details Threat Actor Identifier - APT 1
APT291
Details Threat Actor Identifier - APT 665
APT29