RST TI Report Digest: 23 Dec 2024
Common Information
Type Value
UUID 565eaf6b-8545-486e-b7b2-1408f48522b7
Fingerprint b408991989908799
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 23, 2024, 5:30 a.m.
Added to db Dec. 23, 2024, 7:21 a.m.
Last updated Dec. 23, 2024, 12:08 p.m.
Headline RST TI Report Digest: 23 Dec 2024
Title RST TI Report Digest: 23 Dec 2024
Detected Hints/Tags/Attributes 137/3/275
RSS Feed
Id 167
Feed title Cybersecurity on Medium
Url https://medium.com/feed/tag/cybersecurity
Added to db 2024-08-30 22:08
Attributes
Type #Events CTI Value