ioc[.]one - OSINT Cyber Threat Intelligence Database

Деятельность иранских злоумышленников по перехвату и доступу к учетным данным ставит под угрозу организации критической инфраструктуры - SEC-1275-1

Tags

attack-pattern:

Powershell - T1059.001 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	29b4e6c6-61c1-491b-905f-2e01a381548c
Fingerprint	720eed8a6726eddf
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 18, 2024, midnight
Added to db	Oct. 18, 2024, 9:34 a.m.
Last updated	Nov. 17, 2024, 6:53 p.m.
Headline	Деятельность иранских злоумышленников по перехвату и доступу к учетным данным ставит под угрозу организации критической инфраструктуры
Title	Деятельность иранских злоумышленников по перехвату и доступу к учетным данным ставит под угрозу организации критической инфраструктуры - SEC-1275-1
Detected Hints/Tags/Attributes	6/1/76

Source URLs

	Redirection	Url
Details	Source	https://1275.ru/ioc/5981/deyatelnost-iranskih-zloumyshlennikov-po-perehvatu-i-dostupu-k-uchetnym-dannym-stavit-pod-ugrozu-organizatsii-kriticheskoy-infrastruktury/?mtm_campaign=rss

URL Provider

Details	Provider	Source level domain
Details	1275.ru	1275.ru

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	8	✔	Архивы IOC - SEC-1275-1	https://1275.ru/ioc/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	217	cve-2020-1472
Details	md5	1	a30ffebf2c87a6dfd4946213263f2760
Details	md5	1	b27c2e0141bbb3a7907a5ec1863e1465
Details	sha1	3	1f96d15b26416b2c7043ee7172357af3afbb002a
Details	sha1	3	3d3cdf7cfc881678febcafb26ae423fe5aa4efec
Details	sha256	1	09407d2e3ac7d6af13c407d17ec8e51b6d1b1d8271df65ebd0b3ffbab420b2fe
Details	sha256	1	b729962dd554dc2cba31ac9f7b9046eb119e7b4ae299d674f65ee9eba5679d62
Details	IPv4	2	102.129.152.60
Details	IPv4	2	102.129.153.182
Details	IPv4	2	102.129.235.127
Details	IPv4	2	102.129.235.186
Details	IPv4	2	102.165.16.127
Details	IPv4	2	146.70.102.3
Details	IPv4	2	149.40.50.45
Details	IPv4	2	149.57.16.134
Details	IPv4	2	149.57.16.137
Details	IPv4	2	149.57.16.150
Details	IPv4	2	149.57.16.160
Details	IPv4	2	149.57.16.37
Details	IPv4	2	154.16.192.37
Details	IPv4	2	154.16.192.38
Details	IPv4	2	154.6.13.139
Details	IPv4	2	154.6.13.144
Details	IPv4	2	154.6.13.151
Details	IPv4	2	156.146.60.74
Details	IPv4	2	172.98.71.191
Details	IPv4	2	173.239.232.20
Details	IPv4	2	181.214.166.132
Details	IPv4	2	181.214.166.59
Details	IPv4	2	188.126.89.35
Details	IPv4	2	188.126.94.166
Details	IPv4	2	188.126.94.57
Details	IPv4	2	188.126.94.60
Details	IPv4	2	191.101.217.10
Details	IPv4	2	191.96.106.33
Details	IPv4	2	191.96.150.14
Details	IPv4	2	191.96.150.21
Details	IPv4	2	191.96.150.50
Details	IPv4	2	191.96.150.96
Details	IPv4	3	191.96.227.102
Details	IPv4	2	191.96.227.113
Details	IPv4	2	191.96.227.122
Details	IPv4	2	191.96.227.159
Details	IPv4	2	212.102.39.212
Details	IPv4	2	212.102.57.29
Details	IPv4	2	37.19.197.182
Details	IPv4	2	37.46.113.206
Details	IPv4	2	45.88.97.225
Details	IPv4	2	46.246.122.185
Details	IPv4	2	46.246.3.186
Details	IPv4	2	46.246.3.196
Details	IPv4	2	46.246.3.223
Details	IPv4	2	46.246.3.225
Details	IPv4	2	46.246.3.226
Details	IPv4	2	46.246.3.233
Details	IPv4	2	46.246.3.239
Details	IPv4	2	46.246.3.240
Details	IPv4	2	46.246.3.245
Details	IPv4	2	46.246.8.10
Details	IPv4	2	46.246.8.104
Details	IPv4	2	46.246.8.137
Details	IPv4	2	46.246.8.138
Details	IPv4	2	46.246.8.141
Details	IPv4	2	46.246.8.17
Details	IPv4	2	46.246.8.47
Details	IPv4	2	46.246.8.53
Details	IPv4	2	46.246.8.67
Details	IPv4	2	46.246.8.82
Details	IPv4	2	46.246.8.84
Details	IPv4	2	84.239.25.13
Details	IPv4	2	84.239.45.17
Details	IPv4	2	89.149.38.204
Details	IPv4	2	95.181.234.12
Details	IPv4	2	95.181.234.15
Details	IPv4	2	95.181.234.25
Details	IPv4	2	95.181.235.8