Rewterz Threat Alert – Latest LokiBot IOCs - Rewterz
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | 770ed366-8b1b-425b-b28b-8f03ea41eee8 |
| Fingerprint | a5bf72456ed5cf4f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | June 24, 2020, 4:10 p.m. |
| Added to db | Dec. 19, 2024, 8:28 p.m. |
| Last updated | Dec. 19, 2024, 8:34 p.m. |
| Headline | Rewterz Threat Alert – Latest LokiBot IOCs |
| Title | Rewterz Threat Alert – Latest LokiBot IOCs - Rewterz |
| Detected Hints/Tags/Attributes | 22/1/9 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 3 | cve-2020-9288 |
|
| Details | Domain | 1 | slimfile.cf |
|
| Details | Domain | 2 | firewallinternationalgatewayforoffcefile.duckdns.org |
|
| Details | Domain | 3 | millsmiltinon.com |
|
| Details | IPv4 | 1 | 104.223.143.150 |
|
| Details | Url | 1 | http://slimfile.cf/slim/fre.php |
|
| Details | Url | 1 | http://firewallinternationalgatewayforoffcefile.duckdns.org/bdo/dwm.exe |
|
| Details | Url | 1 | http://104.223.143.150/lommy/panel/five/fre.php |
|
| Details | Url | 1 | https://millsmiltinon.com/fhgmim/olhjilo.exe |