FK_Undead Loader IOCs - SEC-1275-1
Tags
attack-pattern: Hardware - T1592.001
Common Information
Type Value
UUID 912acafd-d2df-453e-81c9-264f95041665
Fingerprint f21e7abed326745b
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 11, 2024, midnight
Added to db Dec. 11, 2024, 7:11 a.m.
Last updated Dec. 13, 2024, 12:15 p.m.
Headline FK_Undead Loader IOCs
Title FK_Undead Loader IOCs - SEC-1275-1
Detected Hints/Tags/Attributes 6/1/25
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 8 IOC Archives - SEC-1275-1 https://1275.ru/ioc/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2
microsoftdns2.com
Details Domain 2
tjxgood.com
Details Domain 2
tjxupdates.com
Details File 3
c:\windows\system32\drivers\ws3ifsl.sys
Details File 2
txlsddlx64.dat
Details File 2
txlsddlx64_7.dat
Details File 2
auth.bin
Details File 2
auth7.bin
Details IPv4 2
101.37.76.254
Details Url 2
http://101.37.76.254:31005/txlsddlx64.dat
Details Url 2
http://101.37.76.254:31005/txlsddlx64_7.dat
Details Url 2
http://microsoftdns2.com:27688/html/jpg/u[yyyymmddhhmmssfff].dat
Details Url 2
http://microsoftdns2.com:27688/html/png/v[yyyymmddhhmmssfff].dat
Details Url 2
http://tjxgood.com:38005/auth.bin
Details Url 2
http://tjxgood.com:38005/auth7.bin
Details Url 2
http://tjxupdates.com:38005/auth.bin
Details Url 2
http://tjxupdates.com:38005/auth7.bin