Loki Backdoor IOCs - II - SEC-1275-1
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | 78020c6f-6314-48f6-ae36-fd7ef69d52ad |
| Fingerprint | 78045f60411e1475 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 23, 2024, midnight |
| Added to db | Sept. 23, 2024, 8:41 a.m. |
| Last updated | Sept. 23, 2024, 8:42 a.m. |
| Headline | Loki Backdoor IOCs - II |
| Title | Loki Backdoor IOCs - II - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 6/1/13 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/3990/loki-backdoor-iocs-ii/?mtm_campaign=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 5 | document.info-cloud.ru |
|
| Details | Domain | 5 | ui.telecomz.ru |
|
| Details | Domain | 5 | nsitelecom.ru |
|
| Details | File | 3 | document.inf |
|
| Details | sha256 | 1 | 1aa8757c306622d320cf0d5ccceb15c49ba18a40ba9cb426d91a771242ccde52 |
|
| Details | sha256 | 1 | 5f8e9fe5156d14ab236213ad6ffe972e484880f8fce9382d28669f254e71c4c7 |
|
| Details | sha256 | 4 | aa544118deb7cb64ded9fdd9455a277d0608c6985e45152a3cbb7422bd9dc916 |
|
| Details | sha256 | 1 | e462d7d22208221873d99c4f7ba1bad26f5395f57e3a57d0da45c7db7093e31a |
|
| Details | sha256 | 1 | ff4cd4ae4e621e3cc370e274268bd12d54f353350c55de4910b9654b465b7eea |
|
| Details | sha256 | 4 | ff605df63ffe6d7123ad67e96f3bc698e50ac5b982750f77bbc75da8007625bb |
|
| Details | Url | 5 | http://document.info-cloud.ru/data |
|
| Details | Url | 5 | http://ui.telecomz.ru/data |
|
| Details | Url | 5 | http://y.nsitelecom.ru/certcenter |