Rewterz Threat Alert – MuddyWater Targeting Turkish Organizations – Active IOCs - Rewterz
Tags
country: | Iran, Turkey |
attack-pattern: | IP Addresses - T1590.005, Malware - T1587.001, Malware - T1588.001, PowerShell - T1059.001, PowerShell - T1086 |
Common Information
Type | Value |
---|---|
UUID | 47a6334e-97ee-449a-9974-71570caf1bd9 |
Fingerprint | 408083f93fcfcb8e |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Feb. 2, 2022, 3:48 p.m. |
Added to db | Dec. 18, 2024, 10:59 p.m. |
Last updated | Dec. 24, 2024, 2:49 p.m. |
Headline | Rewterz Threat Alert – MuddyWater Targeting Turkish Organizations – Active IOCs |
Title | Rewterz Threat Alert – MuddyWater Targeting Turkish Organizations – Active IOCs - Rewterz |
Detected Hints/Tags/Attributes | 37/2/80 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1297 | | gmail.com |
Details | Mandiant Temporary Group Assumption | 35 | | TEMP.ZAGROS |
Details | Threat Actor Identifier - FIN | 445 | | FIN7 |