The Feed 2025–01–10
Tags
Common Information
Type | Value |
---|---|
UUID | 6a3c9801-beca-4565-8501-c0489e8636c3 |
Fingerprint | ad94993b2137af99 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Jan. 10, 2025, 9:44 a.m. |
Added to db | Jan. 10, 2025, 10:58 a.m. |
Last updated | Jan. 19, 2025, 8:20 a.m. |
Headline | The Feed 2025–01–10 |
Title | The Feed 2025–01–10 |
Detected Hints/Tags/Attributes | 122/4/86 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 567 | | mshta.exe |
Details | File | 2 | | cta-ru-2024-1205.pdf |
Details | File | 1 | | how-cracks-and-installers-bring-malware-to-your-device.html |
Details | File | 2 | | 2-gcc-win64.zip |
Details | File | 3 | | %temp%\system\temp.zip |
Details | File | 3 | | %temp%\system\process.exe |
Details | File | 2 | | %localappdata%\system32\config.exe |
Details | File | 2 | | %localappdata%\system32\process.exe |
Details | File | 2 | | %appdata%\microsoft\windows\start menu\programs\maintenance\info.txt |
Details | File | 2 | | %appdata%\microsoft\windows\start menu\programs\startup\startup.bat |
Details | Mandiant Temporary Group Assumption | 9 | | TEMP.ZIP |
Details | Url | 12 | | https://steamcommunity.com/profiles/76561199724331900 |
Details | Url | 3 | | http://api7.cfd/testet123t |
Details | Url | 3 | | https://coincapy.com/zx |
Details | Url | 3 | | https://fotor.software/mediakit |
Details | Url | 3 | | https://fotor.software/macos/collaboration |
Details | Url | 1 | | https://api7.cfd/testet123t |
Details | Url | 3 | | https://research.checkpoint.com/2025/banshee-macos-stealer-that-stole-code-from-macos-xprotect |
Details | Url | 2 | | https://go.recordedfuture.com/hubfs/reports/cta-ru-2024-1205.pdf |
Details | Url | 2 | | https://www.malwarebytes.com/blog/news/2025/01/groupgreeting-e-card-site-attacked-inzqxq-campaign |
Details | Url | 1 | | https://www.trendmicro.com/en_us/research/25/a/how-cracks-and-installers-bring-malware-to-your-device.html |
Details | Url | 1 | | https://www.bleepingcomputer.com/news/security/mirrorface-hackers-targeting-japanese-govt-politicians-since-2019 |
Details | Url | 3 | | https://cscrm-hiring.com/cs-applicant-crm-installer.zip |
Details | Url | 4 | | http://93.115.172.41/private/aw5zdhj1y3rpb25zcg==.txt |
Details | Url | 1 | | http://github.com/xmrig/xmrig/releases/download/v6.22.2/xmrig-6.22.2-gcc-win64.zip |
Details | Url | 2 | | https://www.crowdstrike.com/en-us/blog/recruitment-phishing-scam-imitates-crowdstrike-hiring-process |
Details | Windows Registry Key | 2 | | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\config |
Details | Yara rule | 2 | | rule macos_binary { meta: author = "Antonis Terefos @Tera0017/@Check Point Research" descr = "MacOS file format" condition: uint32(0) == 0xFEEDFACE or uint32(0) == 0xFEEDFACF or uint32(0) == 0xBEBAFECA } |