ioc[.]one - OSINT Cyber Threat Intelligence Database

Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal

Tags

cmtmf-attack-pattern:	Masquerading
country:	Brazil China Portugal
attack-pattern:	Bash History - T1552.003 Credentials - T1589.001 Cron - T1053.003 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Vulnerabilities - T1588.006 Bash History - T1139 Brute Force - T1110 Connection Proxy - T1090 Masquerading - T1036 Powershell - T1086 Denial Of Service Masquerading

Show in Graph

Common Information

Type	Value
UUID	95070bf5-2ea8-48f4-8ed3-92645aaa6539
Fingerprint	bc309553adb7afc5
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 30, 2024, 7:15 a.m.
Added to db	Sept. 30, 2024, 9:50 a.m.
Last updated	Nov. 17, 2024, 5:55 p.m.
Headline	Hadooken and K4Spreader: The 8220 Gang’s Latest Arsenal
Title	Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal
Detected Hints/Tags/Attributes	88/3/32

Source URLs

	Redirection	Url
Details	Source	https://blog.sekoia.io/hadooken-and-k4spreader-the-8220-gangs-latest-arsenal/

URL Provider

Details	Provider	Source level domain
Details	sekoia.io	blog.sekoia.io

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	59	✔	Sekoia.io Blog	https://blog.sekoia.io/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	81	cve-2017-10271
Details	CVE	27	cve-2020-14883
Details	CVE	84	cve-2023-46604
Details	Domain	4	sck-dns.cc
Details	Domain	5	c4k-ircd.pwndns.pw
Details	Domain	8	pwn.oracleservice.top
Details	Domain	3	play.sck-dns.cc
Details	Domain	2	irc.bashgo.pw
Details	Domain	5	run.on-demand.pw
Details	Domain	118	sekoia.io
Details	Email	18	tdr@sekoia.io
Details	File	4	2.gif
Details	File	3	m.xml
Details	File	3	m1.xml
Details	File	7	bin.ps1
Details	File	1	amsi_patch.ps1
Details	File	8	ccleaner64.exe
Details	File	3	ueordwfkay.pdf
Details	File	5	plugin3.dll
Details	IPv4	2	77.221.151.174
Details	IPv4	6	154.213.192.44
Details	IPv4	3	51.222.111.116
Details	IPv4	6	80.78.24.30
Details	IPv4	3	77.221.149.212
Details	IPv4	8	51.255.171.23
Details	IPv4	1	3.2.10.6
Details	IPv4	3	198.199.85.230
Details	IPv4	3	64.227.170.227
Details	IPv4	3	157.230.29.135
Details	Url	3	http://154.213.192.44/ueordwfkay.pdf
Details	Url	3	http://154.213.192.44/plugin3.dll
Details	Url	3	http://sck-dns.cc/c