ioc[.]one - OSINT Cyber Threat Intelligence Database

Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies

Tags

attack-pattern:

Data Conditional Access Policies - T1556.009 Credentials - T1589.001 Dcsync - T1003.006 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Sharepoint - T1213.002 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Connection Proxy - T1090 Powershell - T1086 Remote Access Tools - T1219 Windows Management Instrumentation - T1047

Show in Graph

Common Information

Type	Value
UUID	42bd295a-ad13-487b-82d4-a76745db1541
Fingerprint	2c7844079c07dfcd
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 7, 2024, midnight
Added to db	Nov. 12, 2024, 11:47 a.m.
Last updated	Nov. 17, 2024, 6:53 p.m.
Headline	Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies
Title	Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies
Detected Hints/Tags/Attributes	92/1/105

Source URLs

	Redirection	Url
Details	Source	https://www.crowdstrike.com/en-us/blog/analysis-of-intrusion-campaign-targeting-telecom-and-bpo-companies/

URL Provider

Details	Provider	Source level domain
Details	crowdstrike.com	www.crowdstrike.com

Attributes

Details	Type	#Events	Value
Details	CVE	10	cve-2021-35464
Details	Domain	3	fixme.it
Details	Domain	8	fleetdeck.io
Details	Domain	12	level.io
Details	Domain	71	transfer.sh
Details	Domain	42	linpeas.sh
Details	File	1	insomnia.exe
Details	File	1	linpeas.log
Details	File	1	lockhuntersetup_3-4-3.exe
Details	File	6	ok.exe
Details	File	1	rsocx.exe
Details	sha256	4	3ea2d190879c8933363b222c686009b81ba8af9eb6ae3696d2f420e187467f08
Details	sha256	5	cce5e2ccb9836e780c6aa075ef8c0aeb8fec61f21bbef9e01bdee025d2892005
Details	sha256	4	acadf15ec363fe3cc373091cbe879e64f935139363a8e8df18fd9e59317cc918
Details	sha256	4	982dda5eec52dd54ff6b0b04fd9ba8f4c566534b78f6a46dada624af0316044e
Details	sha256	5	443dc750c35afc136bfea6db9b5ccbdb6adb63d3585533c0cf55271eddf29f58
Details	sha256	4	53b7d5769d87ce6946efcba00805ddce65714a0d8045aeee532db4542c958b9f
Details	sha256	5	4188736108d2b73b57f63c0b327fb5119f82e94ff2d6cd51e9ad92093023ec93
Details	sha256	3	648c2067ef3d59eb94b54c43e798707b030e0383b3651bcc6840dae41808d3a9
Details	IPv4	3	100.35.70.106
Details	IPv4	5	119.93.5.239
Details	IPv4	3	136.144.19.51
Details	IPv4	3	136.144.43.81
Details	IPv4	1	141.94.177.172
Details	IPv4	3	142.93.229.86
Details	IPv4	3	143.244.214.243
Details	IPv4	13	144.76.136.153
Details	IPv4	5	146.70.103.228
Details	IPv4	3	146.70.107.71
Details	IPv4	3	146.70.112.126
Details	IPv4	3	146.70.127.42
Details	IPv4	3	146.70.45.166
Details	IPv4	3	146.70.45.182
Details	IPv4	4	152.89.196.111
Details	IPv4	4	159.223.213.174
Details	IPv4	3	162.118.200.173
Details	IPv4	4	169.150.203.51
Details	IPv4	3	172.98.33.195
Details	IPv4	3	173.239.204.129
Details	IPv4	3	173.239.204.130
Details	IPv4	3	173.239.204.131
Details	IPv4	3	173.239.204.132
Details	IPv4	3	173.239.204.133
Details	IPv4	3	173.239.204.134
Details	IPv4	3	18.206.107.24
Details	IPv4	3	180.190.113.87
Details	IPv4	4	185.120.144.101
Details	IPv4	4	185.123.143.197
Details	IPv4	3	185.123.143.201
Details	IPv4	3	185.123.143.205
Details	IPv4	3	185.123.143.217
Details	IPv4	3	185.156.46.141
Details	IPv4	6	185.181.102.18
Details	IPv4	5	185.195.19.206
Details	IPv4	4	185.195.19.207
Details	IPv4	4	185.202.220.239
Details	IPv4	4	185.202.220.65
Details	IPv4	4	185.240.244.3
Details	IPv4	1	185.243.218.41
Details	IPv4	4	185.247.70.229
Details	IPv4	4	185.45.15.217
Details	IPv4	5	185.56.80.28
Details	IPv4	4	188.166.101.65
Details	IPv4	4	188.166.117.31
Details	IPv4	4	188.214.129.7
Details	IPv4	4	192.166.244.248
Details	IPv4	4	193.27.13.184
Details	IPv4	4	193.37.255.114
Details	IPv4	4	194.37.96.188
Details	IPv4	4	195.206.105.118
Details	IPv4	1	195.206.107.147
Details	IPv4	4	198.44.136.180
Details	IPv4	5	198.54.133.45
Details	IPv4	4	198.54.133.52
Details	IPv4	5	217.138.198.196
Details	IPv4	5	217.138.222.94
Details	IPv4	4	23.106.248.251
Details	IPv4	4	31.222.238.70
Details	IPv4	3	35.175.153.217
Details	IPv4	5	37.19.200.142
Details	IPv4	5	37.19.200.151
Details	IPv4	5	37.19.200.155
Details	IPv4	3	45.132.227.211
Details	IPv4	6	45.132.227.213
Details	IPv4	2	45.134.140.171
Details	IPv4	5	45.134.140.177
Details	IPv4	5	45.86.200.81
Details	IPv4	5	45.91.21.61
Details	IPv4	4	5.182.37.59
Details	IPv4	4	51.210.161.12
Details	IPv4	4	51.89.138.221
Details	IPv4	4	62.182.98.170
Details	IPv4	3	64.190.113.28
Details	IPv4	5	67.43.235.122
Details	IPv4	3	68.235.43.20
Details	IPv4	3	68.235.43.21
Details	IPv4	1	68.235.43.38
Details	IPv4	4	82.180.146.31
Details	IPv4	1	83.97.20.88
Details	IPv4	4	89.46.114.164
Details	IPv4	5	89.46.114.66
Details	IPv4	4	91.242.237.100
Details	IPv4	3	93.115.7.238
Details	IPv4	4	98.100.141.70
Details	IPv6	2	2a01:4f8:200:1097::2