Threat Advisory
Common Information
Type Value
UUID 9624909a-aa95-42c9-a495-e59e7bcd6c89
Fingerprint c32ab2a6bb3e8052dba878b86fc17708b30df9a08958d09d3e88670d77ba95d8
Analysis status DONE
Considered CTI value 2
Text language
Published May 3, 2024, 5:23 p.m.
Added to db May 24, 2024, 4:53 p.m.
Last updated Aug. 31, 2024, 8:23 a.m.
Headline Threat Advisory
Title Threat Advisory
Detected Hints/Tags/Attributes 97/3/77
Attributes
Details Type #Events CTI Value
Details CERT Ukraine 19
UAC-0028
Details File 6
router-roulette.html
Details File 2
240227.pdf
Details IBM X-Force - Threat Group Enumeration 12
ITG05
Details MITRE ATT&CK Techniques 235
T1562
Details MITRE ATT&CK Techniques 33
T1556
Details MITRE ATT&CK Techniques 440
T1055
Details MITRE ATT&CK Techniques 56
T1587
Details MITRE ATT&CK Techniques 66
T1584
Details MITRE ATT&CK Techniques 245
T1203
Details MITRE ATT&CK Techniques 1006
T1082
Details MITRE ATT&CK Techniques 43
T1546
Details MITRE ATT&CK Techniques 21
T1557
Details MITRE ATT&CK Techniques 695
T1059
Details MITRE ATT&CK Techniques 141
T1219
Details MITRE ATT&CK Techniques 243
T1018
Details MITRE ATT&CK Techniques 422
T1041
Details MITRE ATT&CK Techniques 298
T1562.001
Details MITRE ATT&CK Techniques 145
T1588
Details Threat Actor Identifier - APT 783
APT28
Details Threat Actor Identifier by NSA 9
SIG40
Details Threat Actor Identifier by Recorded Future 6
TAG-0700
Details Threat Actor Identifier by SecureWorks 15
TG-4127
Details Threat Actor Identifier by Tencent 6
T-APT-12
Details Threat Actor Identifier by Thales 6
ATK 5
Details Url 1
https://www.trendmicro.com/en_in/research/24/e/router-roulette.html
Details Url 2
https://www.ic3.gov/media/news/2024/240227.pdf