TargetCompany Ransomware IOCs - Part 2 - SEC-1275-1
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 79bda290-73bc-4d8d-bc42-f6fa5918bc81 |
| Fingerprint | 7edcf4981da76ec5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 8, 2023, midnight |
| Added to db | Aug. 13, 2023, 10:23 a.m. |
| Last updated | Oct. 18, 2024, 5:04 p.m. |
| Headline | TargetCompany Ransomware IOCs - Part 2 |
| Title | TargetCompany Ransomware IOCs - Part 2 - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 5/0/40 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/2433/targetcompany-ransomware-iocs-2/?from=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | whyers.io |
|
| Details | File | 11 | ap.php |
|
| Details | File | 3 | drtse.exe |
|
| Details | File | 3 | lighting.exe |
|
| Details | File | 3 | ayhhny.exe |
|
| Details | File | 3 | lawer.exe |
|
| Details | File | 3 | bwarp.exe |
|
| Details | File | 3 | auptxums.bat |
|
| Details | sha256 | 1 | 08cfd5a321a47a55c5e8732e3d12bf937ca32426dcd668c7d620cfae48159348 |
|
| Details | sha256 | 10 | 094d1476331d6f693f1d546b53f1c1a42863e6cde014e2ed655f3cbe63e5ecde |
|
| Details | sha256 | 1 | 12842d49038c066464ac723b9665ff93f634042646bdd6947b54042fd0e06342 |
|
| Details | sha256 | 3 | 18c909a2b8c5e16821d6ef908f56881aa0ecceeaccb5fa1e54995935fcfd12f7 |
|
| Details | sha256 | 1 | 1ef8aebbb3816d7d534a581c1d1d8730a73355068e8b39587b2363ccbe692c08 |
|
| Details | sha256 | 1 | 22816dc4dda6beec453e9a48520842b8409c54933cc81f1a338bc77199ab917e |
|
| Details | sha256 | 1 | 26a674f981da653d72d139331e0a46e7dc09142ce2bc602655d6fbb37626c668 |
|
| Details | sha256 | 1 | 2aa688bebce1788d58ca8d42628b5642a4891adaf275b3ac246f7859f6280115 |
|
| Details | sha256 | 1 | 2efdffd1cf3adab21ff760f009d8893d8c4cbcf63b2c3bfcc1139457c9cd430b |
|
| Details | sha256 | 1 | 3c665d38c5ccb0b41983ad492b31c499b176219ca7a93494fd902f592cee2ff6 |
|
| Details | sha256 | 1 | 4b1949536f3f6140da0a9fc87eb0430b61206852145ada5cecbc279b242bce10 |
|
| Details | sha256 | 1 | 52fe40246265e29ab791c26e57e568b18cbc4f57c3db5b12beb1415c416d64bb |
|
| Details | sha256 | 1 | 734803d815af2b27fbbb7b4516df3f6fb29ed76d1b16c661a38dbe860831b906 |
|
| Details | sha256 | 3 | 777a5782426e5b42e0e5e8445dd9602d123e8acc27aca4daa8e9c053f3d5b899 |
|
| Details | sha256 | 1 | bcff44c6673ded04c8fb76b733837ce109ac6cbb0e4d1ba5b290f76632a4e718 |
|
| Details | sha256 | 1 | bf28b8a8576beb4755ec6a9d93fc4539e40dee7197b6399dfad5224f5ee74b19 |
|
| Details | sha256 | 1 | d59f6e95075026e755a415a5dd5fd4b617516c99d064b833e01c7e5d583cf2fd |
|
| Details | sha256 | 1 | e0d4dc05991211e86c920092966d7025f8e40b77a799428f8491c4f7fa6078a6 |
|
| Details | sha256 | 12 | e8a3e804a96c716a3e9b69195db6ffb0d33e2433af871e4d4e1eab3097237173 |
|
| Details | sha256 | 1 | eb75b7d31a9bd3686fcb0088c684972439687171101368ebf9134a53abac3c20 |
|
| Details | sha256 | 1 | f0e68af393967d8a236461815dd601baf7ebced7b807c224bceb51d0e8bb4b87 |
|
| Details | IPv4 | 4 | 185.209.230.21 |
|
| Details | IPv4 | 2 | 195.3.146.183 |
|
| Details | IPv4 | 10 | 80.66.75.116 |
|
| Details | IPv4 | 8 | 80.66.75.37 |
|
| Details | Url | 3 | https://whyers.io/qwewqdsvsf/ap.php |
|
| Details | Url | 3 | http://80.66.75.37/drtse.exe |
|
| Details | Url | 1 | http://80.66.75.37:8080/lighting.exe |
|
| Details | Url | 3 | http://80.66.75.37/ayhhny.exe |
|
| Details | Url | 3 | http://80.66.75.37/lawer.exe |
|
| Details | Url | 3 | http://80.66.75.37/bwarp.exe |
|
| Details | Url | 3 | http://185.209.230.21:8080/auptxums.bat |