ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Trap - T1546.005 Powershell - T1086 Trap - T1154

Show in Graph

Common Information

Type	Value
UUID	71da60ed-e6d2-4e8f-81b0-ad023b10c40b
Fingerprint	e63811a5bf075fc5
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 16, 2022, 4:18 p.m.
Added to db	Oct. 24, 2023, 1:33 p.m.
Last updated	Sept. 5, 2024, 1:58 a.m.
Headline	Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs
Title	Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs
Detected Hints/Tags/Attributes	33/2/17

Source URLs

	Redirection	Url
Details	Redirection	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-ursnif-banking-trojan-active-iocs-42
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-ursnif-banking-trojan-active-iocs-42/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	34		cve-2023-4516
Details	CVE	36		cve-2023-45208
Details	md5	1		32db0addb1d71fc86fda451c3a9e9a9c
Details	md5	1		bda822a48e615e3a3a3233b28f605232
Details	md5	1		ba0ca01029fa22351a0b81e3a44b8b90
Details	sha1	1		20ff1cfa9d4f71e0218f96ef3f2f7612b1dc752e
Details	sha1	1		620ece6cd02fa87d9d3e6bbf1481fe56b87b8206
Details	sha1	1		9e14acc262b275101b3781ba62170bc956e228a3
Details	sha256	1		f0b465a712cebb5906d45724f884fa0e43cb7cbc954babbad0f1d676af2db479
Details	sha256	1		4747c6474188b99285c18d7e9488cd34bd1d9630e819e848fe38f97df55a5730
Details	sha256	1		48ea2cef873e462c5f6b2912268bbd2e8f267a77357626e12a17aeab4eb33b71
Details	IPv4	3		62.173.138.28
Details	IPv4	1		64.237.240.3
Details	IPv4	1		67.235.138.14
Details	IPv4	1		175.139.130.191
Details	IPv4	1		2.50.44.83
Details	IPv4	1		75.99.125.234