ioc[.]one - OSINT Cyber Threat Intelligence Database

Rocke'in the NetFlow

Tags

country:	China
attack-pattern:	Data Cron - T1053.003 Data Destruction - T1662 Data Destruction - T1485 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Whois - T1596.002 Connection Proxy - T1090 Data Destruction

Show in Graph

Common Information

Type	Value
UUID	5201b0a9-3c55-49bf-9e84-d8c30ba20dce
Fingerprint	f113d59bc3b2b7c4
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 1, 2019, 1 p.m.
Added to db	Jan. 18, 2023, 10:42 p.m.
Last updated	Nov. 18, 2024, 4:21 p.m.
Headline	Rocke'in the NetFlow
Title	Rocke'in the NetFlow
Detected Hints/Tags/Attributes	79/2/105

Source URLs

	Redirection	Url
Details	Source	https://unit42.paloaltonetworks.com/rockein-the-netflow/

URL Provider

Details	Provider	Source level domain
Details	paloaltonetworks.com	unit42.paloaltonetworks.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	sowcar.com
Details	Domain	1176	gmail.com
Details	Domain	3	thyrsi.com
Details	Domain	1	w2wz.cn
Details	Domain	1	baocangwh.cn
Details	Domain	99	qq.com
Details	Domain	1	z9ls.com
Details	Domain	2	gwjyhs.com
Details	Domain	2	heheda.tk
Details	Domain	2	dd.heheda.tk
Details	Domain	2	cloudappconfig.com
Details	Domain	2	img0.cloudappconfig.com
Details	Domain	2	img1.cloudappconfig.com
Details	Domain	2	img2.cloudappconfig.com
Details	Domain	8	systemten.org
Details	Domain	359	pastebin.com
Details	Domain	2	www.liuxiaobei.com
Details	Domain	1	cloudappcloudconfig.com
Details	Domain	1	baocanwh.cn
Details	Domain	25	www.cyberthreatalliance.org
Details	Email	1	4592248@gmail.com
Details	Email	1	4592248@qq.com
Details	sha256	2	1608899ff3bd9983df375fd836464500f160f6305fcc35cfb64abbe94643c962
Details	sha256	1	28f92f36883b69e281882f19fec1d89190e913a4e301bfc5d80242b74fcba6fe
Details	sha256	1	a84283095e0c400c3c4fe61283eca6c13dd0a6157a57adf95ae1dcec491ec519
Details	sha256	1	6797018a6f29ce3d447bd3503372f78f9513d4648e5cd3ab5ab194a50c72b9c4
Details	IPv4	1	23.234.4.151
Details	IPv4	1	23.234.4.153
Details	IPv4	1	27.221.28.231
Details	IPv4	1	27.221.54.252
Details	IPv4	1	36.103.236.221
Details	IPv4	1	36.103.247.121
Details	IPv4	1	36.248.26.205
Details	IPv4	1	42.202.141.230
Details	IPv4	1	42.236.125.84
Details	IPv4	2	42.56.76.104
Details	IPv4	1	43.242.166.88
Details	IPv4	2	59.83.204.14
Details	IPv4	1	60.167.222.122
Details	IPv4	1	61.140.13.251
Details	IPv4	1	104.31.68.79
Details	IPv4	1	104.31.69.79
Details	IPv4	1	113.142.51.219
Details	IPv4	1	113.200.16.234
Details	IPv4	1	116.211.184.212
Details	IPv4	1	118.213.118.94
Details	IPv4	1	118.25.145.24
Details	IPv4	1	122.246.6.183
Details	IPv4	1	125.74.45.101
Details	IPv4	1	150.138.184.119
Details	IPv4	1	182.118.11.126
Details	IPv4	1	182.118.11.193
Details	IPv4	1	182.247.250.251
Details	IPv4	1	182.247.254.83
Details	IPv4	1	183.224.33.79
Details	IPv4	1	211.91.160.159
Details	IPv4	1	211.91.160.238
Details	IPv4	1	218.75.176.126
Details	IPv4	1	219.147.231.79
Details	IPv4	1	221.204.60.69
Details	IPv4	1	103.52.216.35
Details	IPv4	1	104.27.138.223
Details	IPv4	1	104.27.139.223
Details	IPv4	1	205.185.122.229
Details	IPv4	1	209.141.41.204
Details	IPv4	1	58.215.145.137
Details	IPv4	1	58.216.107.77
Details	IPv4	1	58.218.208.13
Details	IPv4	1	113.96.98.113
Details	IPv4	1	118.25.145.241
Details	IPv4	1	121.207.229.203
Details	IPv4	1	122.246.20.201
Details	IPv4	1	140.249.61.134
Details	IPv4	3	222.186.49.224
Details	IPv4	1	104.18.38.253
Details	IPv4	1	104.18.39.253
Details	IPv4	1	104.31.92.26
Details	IPv4	2	104.31.93.26
Details	IPv4	1	119.28.48.240
Details	IPv4	1	104.27.134.168
Details	IPv4	1	104.27.135.168
Details	IPv4	1	104.31.80.164
Details	IPv4	1	104.31.81.164
Details	IPv4	1	172.64.104.10
Details	IPv4	1	172.64.105.10
Details	IPv4	1	104.27.138.191
Details	IPv4	1	104.27.139.191
Details	IPv4	2	104.238.151.101
Details	IPv4	1	104.18.58.79
Details	IPv4	1	104.18.59.79
Details	IPv4	1	195.20.40.95
Details	IPv4	3	198.204.231.250
Details	IPv4	2	43.224.225.220
Details	IPv4	1	67.21.64.34
Details	IPv4	2	104.248.53.213
Details	IPv4	1	104.31.92.233
Details	IPv4	1	104.31.93.233
Details	IPv4	2	134.209.104.20
Details	IPv4	1	165.22.156.147
Details	IPv4	2	185.193.125.146
Details	Url	2	https://pastebin.com/raw/hwbvxk6h
Details	Url	1	https://pastebin.com/raw/60t3uccb
Details	Url	3	https://pastebin.com/raw/rpb8edpu
Details	Url	1	https://pastebin.com/raw/wr3etdbi
Details	Url	1	https://pastebin.com/raw/va86jyqw