ioc[.]one - OSINT Cyber Threat Intelligence Database

LemonDuck Malware IOCs - SEC-1275-1

Tags

attack-pattern:

Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	71e6fff3-b796-4a15-a82b-059e9d075de7
Fingerprint	504da1a34f378aff
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 10, 2024, midnight
Added to db	Oct. 10, 2024, 10:45 a.m.
Last updated	Nov. 15, 2024, 6:44 a.m.
Headline	LemonDuck Malware IOCs
Title	LemonDuck Malware IOCs - SEC-1275-1
Detected Hints/Tags/Attributes	8/1/9

Source URLs

	Redirection	Url
Details	Source	https://1275.ru/ioc/4089/lemonduck-malware-iocs/?mtm_campaign=rss

URL Provider

Details	Provider	Source level domain
Details	1275.ru	1275.ru

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	8	✔	Архивы IOC - SEC-1275-1	https://1275.ru/ioc/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	126		cve-2017-0144
Details	Domain	8		amynx.com
Details	Domain	10		zz3r0.com
Details	File	3		gim.jsp
Details	File	20		page.html
Details	md5	1		3ca77a9dfa6188ed9418d03df61fea7a
Details	IPv4	3		211.22.131.99
Details	Url	3		http://t.amynx.com/gim.jsp
Details	Url	2		http://w.zz3r0.com/page.html?psvr