Rewterz Threat Alert – Mirai Botnet Spread Using Spring4Shell Exploit – Active IOCs - Rewterz
Common Information
Type Value
UUID 0003d778-fe48-49a4-8e33-1d4cac7428aa
Fingerprint 8fb0f947afcfd9ce
Analysis status DONE
Considered CTI value 2
Text language
Published April 11, 2022, 10:39 a.m.
Added to db Dec. 19, 2024, 6:40 a.m.
Last updated Dec. 23, 2024, 12:08 p.m.
Headline Rewterz Threat Alert – Mirai Botnet Spread Using Spring4Shell Exploit – Active IOCs
Title Rewterz Threat Alert – Mirai Botnet Spread Using Spring4Shell Exploit – Active IOCs - Rewterz
Detected Hints/Tags/Attributes 23/2/25
Attributes
Details Type #Events CTI Value
Details CVE 99
cve-2022-22965
Details Domain 13
wget.sh
Details IPv4 4
45.95.169.143
Details Url 2
http://45.95.169.143/the420smokeplace.dns