ioc[.]one - OSINT Cyber Threat Intelligence Database

FIN8: BADHATCH Threat Indicator Enrichment

Tags

country:	Germany Sweden United States Of America
attack-pattern:	Data Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Ssh - T1021.004

Show in Graph

Common Information

Type	Value
UUID	15e2045a-dc35-4892-9ef2-1df7880f7004
Fingerprint	f5f388d9c203a7f5
Analysis status	DONE
Considered CTI value	0
Text language
Published	March 15, 2021, 1:56 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	FIN8: BADHATCH Threat Indicator Enrichment
Title	FIN8: BADHATCH Threat Indicator Enrichment
Detected Hints/Tags/Attributes	30/2/7

Source URLs

	Redirection	Url
Details	Source	https://team-cymru.com/blog/2021/03/15/fin8-badhatch-threat-indicator-enrichment/

URL Provider

Details	Provider	Source level domain
Details	team-cymru.com	team-cymru.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	18		labs.bitdefender.com
Details	IPv4	2		104.168.145.204
Details	IPv4	2		192.52.167.199
Details	IPv4	2		89.45.4.192
Details	IPv4	1		108.62.118.100
Details	Threat Actor Identifier - FIN	68		FIN8
Details	Url	1		https://labs.bitdefender.com/2021/03/fin8-group-is-back-in-business-with-improved-badhatch-kit