ioc[.]one - OSINT Cyber Threat Intelligence Database

Iranian Cyber Threats - APT42 & HomeLand Justice

Tags

country:	Albania Australia Iran Russia United Kingdom United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Email Accounts - T1585.002 Email Accounts - T1586.002 Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Network Devices - T1584.008 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	a3fa9223-ed24-4d23-ba10-846a09a4a398
Fingerprint	81b28c95ac55e669
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 25, 2022, midnight
Added to db	Nov. 29, 2022, 10:12 a.m.
Last updated	Nov. 17, 2024, 5:55 p.m.
Headline	Iranian Cyber Threats - APT42 & HomeLand Justice
Title	Iranian Cyber Threats - APT42 & HomeLand Justice
Detected Hints/Tags/Attributes	137/3/112

Source URLs

	Redirection	Url
Details	Source	https://www.avertium.com/resources/threat-reports/iranian-cyber-threats-apt42-and-homeland

URL Provider

Details	Provider	Source level domain
Details	avertium.com	www.avertium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	274	✔	Threat Reports	https://www.avertium.com/resources/threat-reports/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	6	treasury.gov
Details	Domain	2	hivepro.com
Details	Domain	24	duo.com
Details	Domain	24	scmagazine.com
Details	Domain	10	picussecurity.com
Details	Domain	1	theiet.org
Details	Domain	3	axios.com
Details	File	104	sqlite3.dll
Details	File	1	splite3.dll
Details	md5	5	00b5d45433391146ce98cd70a91bef08
Details	md5	3	04a6997f0a8021b773ebb49977bc625f
Details	md5	4	0a3f454f94ef0f723ac6a4ad3f5bdf01
Details	md5	2	335849d8fb13a4a189ba92af9bdf5d1d
Details	md5	3	34d37f64613f3fe00086ac8d5972db89
Details	md5	2	3c6302fb6bdb953e2073a54b928fad9c
Details	md5	4	3d67ce57aab4f7f917cf87c724ed7dab
Details	md5	2	60e6523d29e8a9b83f4503f2e7fd7e1d
Details	md5	3	63cd07e805bcd4135a8e3a29fa3ceebd
Details	md5	3	651d72776c0394693c25b1e3c9ec55d0
Details	md5	2	88df70a0e21fb48e0f881fb91a2eaade
Details	md5	3	8a847b0f466b3174741aac734989aa73
Details	md5	3	8e0eb3ceb1bbe736beaf64353dda1908
Details	md5	2	96444ed552ea5588dffca6a5a05298e9
Details	md5	2	9a1e09b7ce904eefb83dc8d7571826f9
Details	md5	2	9bd1caf6b79f6a69981a15d649a04c19
Details	md5	3	9d0e761f3803889dc83c180901dc7b22
Details	md5	2	9dd30569aaf57d6115e1d181b78df6b5
Details	md5	2	a04c2c3388da643ef67504ef8c6907fb
Details	md5	3	ae797446710e375f0fc9a33432d64256
Details	md5	2	afb5760c05db35a34c5dc41108ba72c2
Details	md5	3	b7bc6a853f160df2cc64371467ed866d
Details	md5	3	bdf188b3d0939ec837987b4936b19570
Details	md5	2	d30abec551b0fb512dc2c327eeca3c43
Details	md5	3	da7d37bfb899a0094995944d4c5e2f21
Details	md5	4	df02a8a7cb2afb80cc2b789d96f02715
Details	md5	3	f3d25b1cedf39beee751eb9b2d8d2376
Details	sha1	4	03d7ffd758e98c9a2c8c4716c93f09687000e22e
Details	sha1	3	03eadb4ab93a1a0232cb40b7d2ef179a1cd0174d
Details	sha1	2	08270b049ae33f0bcd1d207ed77f999d51a09d94
Details	sha1	3	08d2aea84d6c148ff2ad4653856fb080eb99abf2
Details	sha1	2	1504da49f6fe8638c7e39d4bcb547fbb15376462
Details	sha1	2	186f07279ac0f15cc7be5caf68addabb2091bc84
Details	sha1	3	2374f5a9278b209563e8193847a76c25c12eec8f
Details	sha1	2	280b64c0156f101eaad3f31dbe91f0c1137627dc
Details	sha1	2	29175a0015909186f69f827630ef3fe2c1c5302c
Details	sha1	3	3b9a2e34f5d603b55cf7fd223d4e5c784b805242
Details	sha1	2	448e6d519a340845a55b4b1809488427c0d79cdd
Details	sha1	3	470b850363677d3d54629a92ac8b5143f4584a09
Details	sha1	2	6303907ec7d1d591efffe876720a0ab051bfd429
Details	sha1	3	66d36d0b170cf1a0001cca16357961a2f28cba60
Details	sha1	2	75b7db0597f234838e7c8431b57870411842775d
Details	sha1	4	7649c554e87f6ea21ba86bb26ea39521d5d18151
Details	sha1	2	8f2bc0d6adfb4cad43fdda9f3d732c859eb79e35
Details	sha1	3	9624d9613fe8cdc6833888b9e68892565e3a5d11
Details	sha1	3	aba938bf8dc5445df3d5b77a42db4d6643db4383
Details	sha1	2	b66ae149bbdfc7ec6875f59ec9f4a5ae1756f8ba
Details	sha1	2	c760adecea4dbb4dd262cb3f3848f993d5007b2e
Details	sha1	3	d08982960d71a101b87b1896fd841433b66c7262
Details	sha1	3	dbb64b0202bb4da6796279b5fa88262a6e31787e
Details	sha1	3	e3712e3d818e63060e30aec2a6db3598cbf0db92
Details	sha1	3	e45aeccb798f5cf6cb5d877821d1f4aa7f55cf6f
Details	sha1	2	e8f50ecea1a986b4f8b00836f7f00968a6ecba4f
Details	sha1	3	ecf9b7283fda023fa37ad7fdb15be4eadded4e06
Details	sha256	4	f116acc6508843f59e59fb5a8d643370dce82f492a217764521f46a856cc4cb5
Details	sha256	4	e1204ebbd8f15dbf5f2e41dddc5337e3182fc4daf75b05acc948b8b965480ca0
Details	sha256	4	bad65769c0b416bb16a82b5be11f1d4788239f8b2ba77ae57948b53a69e230a6
Details	sha256	3	bb45d8ffe245c361c04cca44d0df6e6bd7596cabd70070ffe0d9f519e3b620ea
Details	sha256	2	e67c7dbd51ba94ac4549cc9bcaabb97276e55aa20be9fae909f947b5b7691e6b
Details	sha256	2	ac4809764857a44b269b549f82d8d04c1294c420baa6b53e2f6b6cb4a3f7e9bd
Details	sha256	3	d1bec48c2a6a014d3708d210d48b68c545ac086f103016a20e862ac4a189279e
Details	sha256	2	d145058398705d8e20468332162964dce5d9e2ad419f03b61adf64c7e6d26de5
Details	sha256	2	1c926d4bf1a99b59391649f56abf9cd59548f5fcf6a0d923188e7e3cab1c95d0
Details	sha256	4	fb49dce92f9a028a1da3045f705a574f3c1997fe947e2c69699b17f07e5a552b
Details	sha256	4	45bf0057b3121c6e444b316afafdd802d16083282d1cbfde3cdbf2a9d0915ace
Details	sha256	2	dfd631e4d1f94f7573861cf438f5a33fe8633238d8d51759d88658e4fbac160a
Details	sha256	2	734b4c06a283982c6c3d2952df53e0b21e55f3805e55a6ace8379119d7ec1b1d
Details	sha256	3	f8db380cc495e98c38a9fb505acba6574cbb18cfe5d7a2bb6807ad1633bf2df8
Details	sha256	2	0b647d07bba697644e8a00cdcc8668bb83da656f3dee10c852eb11effe414a7e
Details	sha256	4	7ad64b64e0a4e510be42ba631868bbda8779139dc0daad9395ab048306cc83c5
Details	sha256	4	cad2bc224108142b5aa19d787c19df236b0d12c779273d05f9b0298a63dc1fe5
Details	sha256	2	63dd02c371e84323c4fd9a161a75e0f525423219e8a6ec1b95dd9eda182af2c9
Details	sha256	3	3c9dc8ada56adf9cebfc501a2d3946680dcb0534a137e2e27a7fcb5994cd9de6
Details	sha256	2	003676e6240421426e5c0919eb40bdde52b383eb1c54596deb77218c3885cdc5
Details	sha256	2	110c77f66a8d4d8ccc9dc468744302cf368efd071e3e4af39338b699f6bc7808
Details	sha256	2	21c5661eb5e54d537c6c9394d7bd4accf53e06851978a36c94b649c4f404a42e
Details	sha256	4	28de2ccff30a4f198670b66b6f9a0ce5f5f9b7f889c2f5e6a4e365dea1c89d53
Details	sha256	2	2c33b1dd793ad5e59180719d078301ee7ebb6cf7465286c19b042accca6ac749
Details	sha256	5	2c92da2721466bfbdaff7fedd9f3e8334b688a88ee54d7cab491e1a9df41258f
Details	sha256	2	3cad59c65ee1e261658c2489dc45a7c6875d8ccb917d291d282e48bca1b74752
Details	sha256	2	4bcc2ad5b577954a6bd23aff16566ce0784a71f9526a5ae849347ae766f4033f
Details	sha256	3	5d3ff202f20af915863eee45916412a271bae1ea3a0e20988309c16723ce4da5
Details	sha256	2	5ee98a677f58b897df3287448e63a1a781d312d2a951f438e1d7e4ab658fa4a0
Details	sha256	2	6618051ea0c45d667c9d9594d676bc1f4adadd8cb30e0138489fee05ce91a9cb
Details	sha256	2	734d9639fcfffef1a3c360269ccc1cda4f1d0e9dc857fa438f945e807b022c21
Details	sha256	3	7a650d3b1e511a05d0441484c7c7df59a63003ce77cd4eb7081323fd79d2b9a3
Details	sha256	2	7eb564f0afc23cc8186e67f8c0d7e6c80215b75c9f0c4b35f558a9e35743ca41
Details	sha256	3	90e5fa3f382c5b15a85484c17c15338a6c8dbc2b0ca4fb73c521892bd853f226
Details	sha256	2	9410963ede9702e7b74b4057fee952250ded09f85a4bb477d45a64f2352ec811
Details	sha256	2	971c5b5396ee37827635badea90d26d395b08d17cbe9e8027dc87b120f8bc0a2
Details	sha256	2	9f2bc9aebb3ee87cfbdef1716b5f67834db305cf400b41b278d5458800c5eeeb
Details	sha256	2	a37a290863fe29b9812e819e4c5b047c44e7a7d7c40e33da6f5662e1957862ab
Details	IPv4	4	144.76.6.34
Details	IPv4	4	148.251.232.252
Details	IPv4	3	148.251.233.231
Details	IPv4	4	176.9.18.143
Details	IPv4	3	185.82.72.111
Details	IPv4	3	216.24.219.65
Details	IPv4	3	216.24.219.64
Details	IPv4	3	46.30.189.66
Details	Mandiant Uncategorized Groups	20	UNC2448
Details	Threat Actor Identifier - APT	121	APT42
Details	Threat Actor Identifier - APT	194	APT35