ioc[.]one - OSINT Cyber Threat Intelligence Database

Lock — Vulnlab Full Walkthrough

Tags

attack-pattern:

Show in Graph

Common Information

Type	Value
UUID	3f9985d9-355f-4702-92d4-5df44f512921
Fingerprint	603ac0221acefe8
Analysis status	DONE
Considered CTI value	-2
Text language
Published	Oct. 1, 2024, 6:13 a.m.
Added to db	Oct. 1, 2024, 8:23 a.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Lock — Vulnlab Full Walkthrough
Title	Lock — Vulnlab Full Walkthrough
Detected Hints/Tags/Attributes	35/1/30

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@bericontraster/lock-vulnlab-full-walkthrough-310d16c90602?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	repos.py
Details	Domain	180	readme.md
Details	Domain	1	safe.directory
Details	Domain	75	user.name
Details	Domain	24	user.email
Details	Domain	3	mremoteng.org
Details	Email	1	ellen.freeman@lock.vl
Details	File	1	repos.py
Details	File	20	shell.aspx
Details	File	49	config.xml
Details	File	1	mremoteng_decrypt.py
Details	File	3	setoplock.exe
Details	File	1	c:\program files\pdf24\faxprninst.log
Details	File	269	msiexec.exe
Details	File	1	1-x64.msi
Details	File	2125	cmd.exe
Details	md5	1	FED84E16B6CCFE88EE7FFAAE5DFEFD34
Details	IPv4	1	10.10.94.6
Details	IPv4	1	10.10.101.48
Details	IPv4	9	10.8.3.192
Details	IPv4	1	10.10.101.122
Details	IPv6	1	a6fb:5fea:dacb:2f86:3bd5:ec3b:ca0d:fb23
Details	Url	1	http://10.10.101.48:3000/api/v1/user/repos
Details	Url	1	http://10.10.101.48:3000/ellen.freeman/website
Details	Url	1	http://10.10.101.48:3000
Details	Url	1	http://ellen.freeman@10.10.101.48:3000
Details	Url	1	http://10.10.101.122:3000/ellen.freeman/website.git
Details	Url	2	http://ip/shell.aspx
Details	Url	1	http://mremoteng.org
Details	Url	1	http://10.8.3.192/setoplock.exe