ioc[.]one - OSINT Cyber Threat Intelligence Database

An Analysis of Infrastructure linked to the Hagga Threat Actor

Tags

country:	Pakistan Vietnam
attack-pattern:	Data Control Panel - T1218.002 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Whois - T1596.002

Show in Graph

Common Information

Type	Value
UUID	936f16b3-10a4-4851-8369-7721f66b3f6c
Fingerprint	e5b1a7d9402a8384
Analysis status	DONE
Considered CTI value	0
Text language
Published	July 12, 2022, 10:08 a.m.
Added to db	Sept. 11, 2022, 12:37 p.m.
Last updated	Nov. 17, 2024, 12:58 p.m.
Headline	Dragon News Blog
Title	An Analysis of Infrastructure linked to the Hagga Threat Actor
Detected Hints/Tags/Attributes	44/2/38

Source URLs

	Redirection	Url
Details	Source	https://team-cymru.com/blog/2022/07/12/an-analysis-of-infrastructure-linked-to-the-hagga-threat-actor/

URL Provider

Details	Provider	Source level domain
Details	team-cymru.com	team-cymru.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	503	✔	—	https://team-cymru.com/feed/	2024-08-31 10:08

Attributes

Details	Type	#Events	Value
Details	Domain	2	newbotv4.monster
Details	Domain	2	bot.statusupdate.one
Details	Domain	2	update.newbotv2.monster
Details	Domain	2	statusupdate.one
Details	Domain	2	mobibagugu.duckdns.org
Details	Domain	2	mobibanewdan.duckdns.org
Details	Domain	2	mohbeebnew.duckdns.org
Details	Domain	3	mubbibun.duckdns.org
Details	Domain	2	cdec22.duckdns.org
Details	Domain	3	vncgoga.duckdns.org
Details	Domain	2	bakuzamokala.duckdns.org
Details	Domain	2	warnonmobina.duckdns.org
Details	Domain	2	abotherrdpajq.duckdns.org
Details	Domain	2	mobinomomuam.duckdns.org
Details	Domain	2	workflowstatus.live
Details	Domain	2	heavy-dutyindustry.shop
Details	Domain	2	microsoftiswear.duckdns.org
Details	Domain	2	update.newbotv4.monster
Details	File	207	login.php
Details	IPv4	4	69.174.99.181
Details	IPv4	2	155.94.209.50
Details	IPv4	2	161.129.64.49
Details	IPv4	2	64.188.20.198
Details	IPv4	2	42.201.155.21
Details	IPv4	2	42.201.155.40
Details	IPv4	2	103.151.122.110
Details	IPv4	2	72.11.157.208
Details	IPv4	3	192.154.226.47
Details	IPv4	2	64.188.21.227
Details	IPv4	2	72.11.143.125
Details	IPv4	2	72.11.143.47
Details	IPv4	2	207.32.217.137
Details	IPv4	2	194.31.98.108
Details	IPv4	2	103.133.105.61
Details	IPv4	2	78.138.105.142
Details	IPv4	2	103.153.77.98
Details	IPv4	2	64.188.27.104
Details	Url	2	http://69.174.99.181/webpanel-reza/login.php