ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – APT Group Gamaredon – Active IOCs

Tags

country:	Russia
attack-pattern:	Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Template Injection - T1221 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	2dc4b711-7775-4945-8d5d-6482cd31a1de
Fingerprint	ee3805a4af81476c
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 15, 2023, 5:17 p.m.
Added to db	April 25, 2023, 7:47 p.m.
Last updated	Dec. 21, 2024, 10:53 p.m.
Headline	Rewterz Threat Alert – APT Group Gamaredon – Active IOCs
Title	Rewterz Threat Alert – APT Group Gamaredon – Active IOCs
Detected Hints/Tags/Attributes	35/2/25

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-apt-group-gamaredon-active-iocs-36/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	365	✔	—	https://www.rewterz.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	8	cve-2023-22946
Details	CVE	50	cve-2023-2033
Details	Domain	1	lunch21.danizho.ru
Details	Domain	1	reliable19.danizho.ru
Details	Domain	1	run71.heartbreaking.ru
Details	Domain	1	sand6.danizho.ru
Details	Domain	1	sand81.danizho.ru
Details	File	916	index.html
Details	md5	1	4924a85d0c77c9b7b38faaab94636d9a
Details	md5	1	6954cc14717fceee71b2cd06cb894814
Details	md5	1	77b4bae305744433e2cf61972e39300c
Details	md5	1	85225645f8d01ccb48636eef96a6d039
Details	sha1	1	3a1d087a18e25ee855f5e53eeb735bf08e526a23
Details	sha1	1	25672d3b47d853b28851d809cc005300c750bb55
Details	sha1	1	5ef4086188e34ee9505972dab996e4e78f2832db
Details	sha1	1	2515978a6322c929a74ed9fb525183ba353bf78c
Details	sha256	1	284803a0435ea310b028092934783a9b71d6ea67e46c115d6b4a43d3ca955ce7
Details	sha256	1	e9a978ff55f6e65542804760da1c383ca2ed3ebf5b1c642ebacafb8b86a8a46d
Details	sha256	1	1f52386bfdfd1e431776cb82d276f968569996e4ca2cb098d8b02831eff6d7ba
Details	sha256	1	0d60bd4cd33f8b52315125d9d95e7a5b2377aea94be5ba3281678d4935d8e63f
Details	IPv4	1	64.226.94.136
Details	Url	1	http://64.226.94.136/intention68/index.html
Details	Url	1	http://64.226.94.136/intention32/index.html
Details	Url	1	http://64.226.94.136/intention78/index.html
Details	Url	1	http://64.226.94.136/intention85/index.html