ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – LockBit 3.0 Ransomware Spreads Via Word Documents – Active IOCs

Tags

cmtmf-attack-pattern:	Masquerading
attack-pattern:	Data Model Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Mshta - T1218.005 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Masquerading - T1036 Mshta - T1170 Powershell - T1086 Masquerading

Show in Graph

Common Information

Type	Value
UUID	58462549-ff90-44c8-8bc5-3db5b20fcb2b
Fingerprint	a67811319b156761
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 6, 2022, 1:13 p.m.
Added to db	Oct. 24, 2023, 1:37 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Rewterz Threat Alert – LockBit 3.0 Ransomware Spreads Via Word Documents – Active IOCs
Title	Rewterz Threat Alert – LockBit 3.0 Ransomware Spreads Via Word Documents – Active IOCs
Detected Hints/Tags/Attributes	51/2/24

Source URLs

	Redirection	Url
Details	Redirection	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-lockbit-3-0-ransomware-spreads-via-word-documents-active-iocs
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-lockbit-3-0-ransomware-spreads-via-word-documents-active-iocs/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

Attributes

Details	Type	#Events	Value
Details	CVE	34	cve-2023-4516
Details	CVE	36	cve-2023-45208
Details	Domain	4	ppaauuaa11232.cc
Details	File	456	mshta.exe
Details	File	4	min.docx
Details	File	4	rin.docx
Details	File	3	dlx5rc.dot
Details	File	9	aaa.exe
Details	File	3	c:\users\public\156498415616651651984561561658456.exe
Details	File	3	156498415616651651984561561658456.exe
Details	md5	3	2d8b6275dee02ea4ed218ba2673b834e
Details	md5	3	97c07d03556ddcfc8ebfa462df546eb5
Details	md5	3	45dfdde3df07b6ccc23b7ae6e3dc1212
Details	md5	3	77c5fb080bf77f099c5b5f268dcf4435
Details	sha1	1	373b7298af62ab6d9be5c75c85290d3de38f5f82
Details	sha1	1	c625a62c9fc3abbd7cba88e275ddb2c07368856f
Details	sha1	1	36ff7eb9b5e0c112197de5cbb13761927e201053
Details	sha1	1	160c8bc7c5284ba5c0f1b68bd61500d7c7a6b2c4
Details	sha256	1	a38149df362f90430a7042723e93963a6cecd87c77284d6ed23f7bc1ba6cd5eb
Details	sha256	1	1f0617725b2a0b0c3bb1067f0b77da049da0545710d9743813969b3bbcc563f4
Details	sha256	1	f019495a1d4feecc07769dc1fbecccb871634cc707c43befe1ea7aa2c629e337
Details	sha256	1	baafd4f1903f80a473facbf3889ee98823fa560c3eecf3fb232e67c78b0c3a80
Details	Url	3	http://ppaauuaa11232.cc/dlx5rc.dotm
Details	Url	3	http://ppaauuaa11232.cc/aaa.exe