ioc[.]one - OSINT Cyber Threat Intelligence Database

Ransomware December 2024 Threat Intel

Tags

cmtmf-attack-pattern:	Command And Scripting Interpreter Masquerading Network Sniffing Obfuscated Files Or Information Process Injection
country:	Mexico
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Adversary-In-The-Middle - T1638 Adversary-In-The-Middle - T1557 Command And Scripting Interpreter - T1623 Credentials - T1589.001 Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Impair Defenses - T1562 Impair Defenses - T1629 Inhibit System Recovery - T1490 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Obfuscated Files Or Information - T1406 Phishing - T1660 Phishing - T1566 Process Injection - T1631 Sharepoint - T1213.002 Transmitted Data Manipulation - T1493 Transmitted Data Manipulation - T1565.002 Tool - T1588.002 Whois - T1596.002 Transmitted Data Manipulation - T1641.001 Brute Force - T1110 Command-Line Interface - T1059 Exploitation For Credential Access - T1212 Masquerading - T1036 Modify Registry - T1112 Network Sniffing - T1040 Obfuscated Files Or Information - T1027 Process Injection - T1055 Windows Management Instrumentation - T1047 User Execution - T1204 Masquerading Network Sniffing User Execution

Show in Graph

Common Information

Type	Value
UUID	97694b31-fa6f-40e4-9d7d-1ffa2420f980
Fingerprint	82028a910f169efb
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 2, 2024, 5:22 p.m.
Added to db	Dec. 2, 2024, 6:41 p.m.
Last updated	Dec. 18, 2024, 11:16 a.m.
Headline	Ransomware December 2024 Threat Intel
Title	Ransomware December 2024 Threat Intel
Detected Hints/Tags/Attributes	99/4/123

Source URLs

	Redirection	Url
Details	Redirection	https://medium.com/@sdsec12/ransomware-december-2024-threat-intel-28a7edae8caa?source=rss------cybersecurity-5
Details	Redirection	https://sdsec12.com/ransomware-december-2024-threat-intel-28a7edae8caa?source=rss------cybersecurity-5
Details	Redirection	https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Fsdsec12.com%2Fransomware-december-2024-threat-intel-28a7edae8caa%3Fsource%3Drss------cybersecurity-5
Details	Source	https://sdsec12.com/ransomware-december-2024-threat-intel-28a7edae8caa?gi=ea58a3701753&source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com
Details	sdsec12.com	sdsec12.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1124	any.run
Details	Domain	8	lynxbllrfr5262yvbgtqoyq76s7mpztcqkv6tjjxgpilpma7nyoeohyd.onion
Details	Domain	10	lynxblog.net
Details	Domain	5	lynxblogco7r37jt7p5wrmfxzqze7ghxw6rihzkqc455qluacwotciyd.onion
Details	Domain	5	lynxblogijy4jfoblgix2klxmkbgee4leoeuge7qt4fpfkj4zbi2sjyd.onion
Details	Domain	5	lynxblogmx3rbiwg3rpj4nds25hjsnrwkpxt5gaznetfikz4gz2csyad.onion
Details	Domain	5	lynxblogoxllth4b46cfwlop5pfj4s7dyv37yuy7qn2ftan6gd72hsad.onion
Details	Domain	5	lynxblogtwatfsrwj3oatpejwxk5bngqcd5f7s26iskagfu7ouaomjad.onion
Details	Domain	5	lynxblogxstgzsarfyk2pvhdv45igghb4zmthnzmsipzeoduruz3xwqd.onion
Details	Domain	5	lynxblogxutufossaeawlij3j3uikaloll5ko6grzhkwdclrjngrfoid.onion
Details	Domain	8	lynxch2k5xi35j7hlbmwl7d6u2oz4vp2wqp6qkwol624cod3d6iqiyqd.onion
Details	Domain	6	lynxchatbykq2vycvyrtjqb3yuj4ze2wvdubzr2u6b632trwvdbsgmyd.onion
Details	Domain	5	lynxchatde4spv5x6xlwxf47jdo7wtwwgikdoeroxamphu3e7xx5doqd.onion
Details	Domain	5	lynxchatdy3tgcuijsqofhssopcepirjfq2f4pvb5qd4un4dhqyxswqd.onion
Details	Domain	5	lynxchatdykpoelffqlvcbtry6o7gxk3rs2aiagh7ddz5yfttd6quxqd.onion
Details	Domain	6	lynxchatfw4rgsclp4567i4llkqjr2kltaumwwobxdik3qa2oorrknad.onion
Details	Domain	6	lynxchatly4zludmhmi75jrwhycnoqvkxb4prohxmyzf4euf5gjxroad.onion
Details	Domain	6	lynxchatohmppv6au67lloc2vs6chy7nya7dsu2hhs55mcjxp2joglad.onion
Details	Domain	2	bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onion
Details	Domain	3	bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion
Details	Domain	2	gnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion
Details	Domain	5	apple-online.shop
Details	Domain	4	2mail.co
Details	Domain	4	weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion
Details	Domain	1	1tvnews.af
Details	Domain	1	avpvuurwerk.nl
Details	Domain	1	beautyhabits.gr
Details	Domain	1	interpolyaris.ru
Details	Domain	1	libertygospeltracts.com
Details	Domain	1	oldtimertreffen-rethem.de
Details	Domain	1	parencyivf.com
Details	Domain	1	pikaluna.com
Details	Domain	1	stroeck.at
Details	Domain	2	mystuff.bublup.com
Details	Domain	1	provincial-gaiters-gw.aws-use1.cloud-ara.tyk.io
Details	Domain	90	onionmail.org
Details	Email	3	n0torious@onionmail.org
Details	Email	4	swikipedia@onionmail.org
Details	Email	3	xwikipedia@onionmail.org
Details	File	358	vssadmin.exe
Details	sha256	5	02472036db9ec498ae565b344f099263f3218ecb785282150e8565d5cac92461
Details	sha256	5	05e4f234a0f177949f375a56b1a875c9ca3d2bee97a2cb73fc2708914416c5a9
Details	sha256	5	11cfd8e84704194ff9c56780858e9bbb9e82ff1b958149d74c43969d06ea10bd
Details	sha256	5	1a7c754ae1933338c740c807ec3dcf5e18e438356990761fdc2e75a2685ebf4a
Details	sha256	4	29a25e971dbb87d3adcee75693782d978a3ca9f64df0a59b015ca519a4026c49
Details	sha256	5	3156ee399296d55e56788b487701eb07fd5c49db04f80f5ab3dc5c4e3c071be0
Details	sha256	5	36e3c83e50a19ad1048dab7814f3922631990578aab0790401bc67dbcc90a72e
Details	sha256	5	508a644d552f237615d1504aa1628566fe0e752a5bc0c882fa72b3155c322cef
Details	sha256	6	571f5de9dd0d509ed7e5242b9b7473c2b2cbb36ba64d38b32122a0a337d6cf8b
Details	sha256	5	63e0d4e861048f581c9e5c64b28a053eb0023d58eebf2b943868d5f68a67a8b7
Details	sha256	5	64b249eb3ab5993e7bcf5c0130e5f31cbd79dabdcad97268042780726e68533f
Details	sha256	5	7f104a3dfda3a7fbdd9b910d00b0169328c5d2facc10dc17b4378612ffa82d51
Details	sha256	4	82eb1910488657c78bef6879908526a2a2c6c31ab2f0517fcc5f3f6aa588b513
Details	sha256	5	869d6ae8c0568e40086fd817766a503bfe130c805748e7880704985890aca947
Details	sha256	5	9ac550187c7c27a52c80e1c61def1d3d5e6dbae0e4eaeacf1a493908ffd3ec7d
Details	sha256	4	a0ceb258924ef004fa4efeef4bc0a86012afdb858e855ed14f1bbd31ca2e42f5
Details	sha256	4	c41ab33986921c812c51e7a86bd3fd0691f5bba925fae612f1b717afaa2fe0ef
Details	sha256	5	ca9d2440850b730ba03b3a4f410760961d15eb87e55ec502908d2546cd6f598c
Details	sha256	5	d147b202e98ce73802d7501366a036ea8993c4c06cdfc6921899efdd22d159c6
Details	sha256	5	e17c601551dfded76ab99a233957c5c4acf0229b46cd7fc2175ead7fe1e3d261
Details	sha256	6	eaa0e773eb593b0046452f420b6db8a47178c09e6db0fa68f6a2d42c3f48e3bc
Details	sha256	5	ee1d8ac9fef147f0751000c38ca5d72feceeaae803049a2cd49dcce15223b720
Details	sha256	5	f96ecd567d9a05a6adb33f07880eebf1d6a8709512302e363377065ca8f98f56
Details	sha256	6	fcefe50ed02c8d315272a94f860451bfd3d86fa6ffac215e69dfa26a7a5deced
Details	sha256	5	fef674fce37d5de43a4d36e86b2c0851d738f110a0d48bae4b2dab4c6a2c373e
Details	sha256	6	7b15f570a23a5c5ce8ff942da60834a9d0549ea3ea9f34f900a09331325df893
Details	sha256	6	40126ae71b857dd22db39611c25d3d5dd0e60316b72830e930fba9baf23973ce
Details	sha256	10	1fd07b8d1728e416f897bef4f1471126f9b18ef108eb952f4b75050da22e8e43
Details	sha256	5	0c1eb11de3a533689267ba075e49d93d55308525c04d6aff0d2c54d1f52f5500
Details	sha256	4	2621c5c7e1c12560c6062fdf2eeeb815de4ce3856376022a1a9f8421b4bae8e1
Details	sha256	5	2b15e09b98bc2835a4430c4560d3f5b25011141c9efa4331f66e9a707e2a23c0
Details	sha256	7	3e3fad9888856ce195c9c239ad014074f687ba288c78ef26660be93ddd97289e
Details	sha256	4	47635e2cf9d41cab4b73f2a37e6a59a7de29428b75a7b4481205aee4330d4d19
Details	sha256	4	67aea3de7ab23b72e02347cbf6514f28fb726d313e62934b5de6d154215ee733
Details	sha256	4	6ef9a0b6301d737763f6c59ae6d5b3be4cf38941a69517be0f069d0a35f394dd
Details	sha256	4	7731d73e048a351205615821b90ed4f2507abc65acf4d6fe30ecdb211f0b0872
Details	sha256	7	7cd7c04c62d2a8b4697ceebbe7dd95c910d687e4a6989c1d839117e55c1cafd7
Details	sha256	4	9ab19741ac36e198fb2fd912620bf320aa7fdeeeb8d4a9e956f3eb3d2092c92c
Details	sha256	7	cb48e4298b216ae532cfd3c89c8f2cbd1e32bb402866d2c81682c6671aa4f8ea
Details	sha256	4	ccd78d3eba6c53959835c6407d81262d3094e8d06bf2712fefa4b04baadd4bfe
Details	sha256	6	0bfe25de8c46834e9a7c216f99057d855e272eafafdfef98a6012cecbbdcfabf
Details	sha256	1	30ec95419903a9d9a9ec5fd89088162d14621dbe4a1400c22c778aa049572fa8
Details	sha256	1	b89db7a403deb3c4ffeb5828572ceb2660ab293d435f40546c90dce74624e64b
Details	sha256	1	c4e343404e572ffaa230fb6a4f5c52ca4ba7da9d356295c7b1381515748b0db2
Details	sha256	1	d39e9ba92b07f4d50b11a49965e9b162452d7b9c9f26d9dcb07825727e31057e
Details	sha256	1	c705bc7e3f6a563d91d0ff353748e0d95a2c2c27393b4999ce873b9e8e424c0a
Details	sha256	1	af9f95497b8503af1a399bc6f070c3bbeabc5aeecd8c09bca80495831ae71e61
Details	sha256	1	c4a2227cd8d85128eafef8ee2298aa105da892c8b0f37405667c2d1647c35c46
Details	sha256	1	8d16a23d5a5630502b09c33fbc571d2261c6c98fecc3a79a1e1129354f930d0a
Details	sha256	1	01ce9cfebb29596d0ab7c99e8dbadf1a8409750b183e6bf73e0de021b365be13
Details	sha256	1	a0a4a99948e12309f54911264261d96f0e40d5fd695bab82e95fbc1f9024482e
Details	sha256	1	9bbc9784ce3c818a127debfe710ec6ce21e7c9dd0daf4e30b8506a6dba533db4
Details	sha256	1	146335b1be627318ac09476f0c8f8e6e027805e6077673f72d6dce1677a24c78
Details	sha256	1	25a6f82936134a6c5c0066f382530b9d6bf2c8da6feafe028f166b1a9d7283cf
Details	sha256	1	e813f8faf3aa2eb20e285596413f5088b2d7fd153fe9f72f3ff45735d0fddced
Details	sha256	1	e3d7c012040962acd66f395d1c5c5f73f305aa1058f2111e8e37d9cb213b80c4
Details	sha256	1	c798b2690c5f16eb2917a679af3117cfe9c7060fa8bc84ffc3159338ef33508e
Details	sha256	1	3041dfc13f356c2f0133a9c11a258f87cb7de1e17bc435e9b623d74bc5e1c6be
Details	sha256	1	8f87a1542ee790623896bbaab933d1883484de02a7b3d65d6c791d50173a923d
Details	IPv4	3	194.26.29.235
Details	MITRE ATT&CK Techniques	493	T1486
Details	MITRE ATT&CK Techniques	284	T1490
Details	MITRE ATT&CK Techniques	647	T1027
Details	MITRE ATT&CK Techniques	316	T1047
Details	MITRE ATT&CK Techniques	359	T1036
Details	MITRE ATT&CK Techniques	721	T1059
Details	MITRE ATT&CK Techniques	239	T1562
Details	MITRE ATT&CK Techniques	558	T1112
Details	MITRE ATT&CK Techniques	426	T1204
Details	MITRE ATT&CK Techniques	458	T1055
Details	MITRE ATT&CK Techniques	23	T1557
Details	Url	2	http://bianlivemqbawcco4cx4a672k2fip3guyxudzurfqvdszafam3ofqgqd.onion
Details	Url	2	http://bianlianlbc5an4kgnay3opdemgcryg2kpfcbgczopmm3dnbz3uaunad.onion
Details	Url	2	http://weg7sdx54bevnvulapqu6bpzwztryeflq3s23tegbmnhkbpqz637f2yd.onion/?id=[id]
Details	Url	1	https://1tvnews.af/xmlrpc.php
Details	Url	1	https://avpvuurwerk.nl/xmlrpc.php
Details	Url	1	https://beautyhabits.gr/xmlrpc.php
Details	Url	1	https://interpolyaris.ru/xmlrpc.php
Details	Url	1	https://libertygospeltracts.com/xmlrpc.php
Details	Url	1	https://oldtimertreffen-rethem.de/xmlrpc.php
Details	Url	1	https://parencyivf.com/xmlrpc.php
Details	Url	1	https://pikaluna.com/xmlrpc.php
Details	Url	1	https://stroeck.at/xmlrpc.php