ioc[.]one - OSINT Cyber Threat Intelligence Database

A Song of Intel and Fancy | ThreatConnect

Tags

country:	Canada
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Whois - T1596.002

Show in Graph

Common Information

Type	Value
UUID	a7bb3240-0608-4393-bdb7-daa61731a249
Fingerprint	e75086d9283ac7ef
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 16, 2018, midnight
Added to db	Jan. 18, 2023, 10:39 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	A Song of Intel and Fancy
Title	A Song of Intel and Fancy \| ThreatConnect
Detected Hints/Tags/Attributes	57/2/203

Source URLs

	Redirection	Url
Details	Source	https://threatconnect.com/blog/using-fancy-bear-ssl-certificate-information-to-identify-their-infrastructure/

URL Provider

Details	Provider	Source level domain
Details	threatconnect.com	threatconnect.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	sapo.pt
Details	Domain	136	mail.com
Details	Domain	5	centrum.cz
Details	Domain	144	cock.li
Details	Domain	1	remsupport.org
Details	Domain	1	ecitcom.net
Details	Domain	1	webversionact.org
Details	Domain	1	mdcrewonline.com
Details	Domain	3	cdnverify.net
Details	Domain	1	nomartung.org
Details	Domain	1	europehistoricalmuseum.com
Details	Domain	2	supservermgr.com
Details	Domain	2	satellitedeluxpanorama.com
Details	Domain	1	webviewres.net
Details	Domain	1	vermasterss.com
Details	Domain	1	funnymems.com
Details	Domain	1	space-delivery.com
Details	Domain	1	travelbern.com
Details	Domain	3	myinvestgroup.com
Details	Domain	1	nanetsdeb.com
Details	Domain	1	fastphotobucket.com
Details	Domain	1	rapidfileuploader.org
Details	Domain	2	viters.org
Details	Domain	5	mvtband.net
Details	Domain	1	spelns.com
Details	Domain	3	wmdmediacodecs.com
Details	Domain	1	acrobatportable.com
Details	Domain	1	lgemon.org
Details	Domain	1	lowprt.org
Details	Domain	1	evbrax.org
Details	Domain	1	wsusconnect.com
Details	Domain	1	gtranm.com
Details	Domain	1	reportscanprotecting.org
Details	Domain	1	runvercheck.com
Details	Domain	1	noticermk.com
Details	Domain	2	globaltechresearch.org
Details	Domain	1	applecloudupdate.com
Details	Domain	2	joshel.com
Details	Domain	2	akamaisoftupdate.com
Details	Domain	2	ppcodecs.com
Details	Domain	2	appservicegroup.com
Details	Domain	1	dateosx.com
Details	Domain	1	dowssys.com
Details	Domain	1	microsoftstoreservice.com
Details	Domain	1	microsoftdccenter.com
Details	Domain	1	mvsband.com
Details	Domain	1	dvsservice.com
Details	Domain	1	akamaitechupdate.com
Details	Domain	1	adobeupdatetechnology.com
Details	Domain	3	ns-canada.topdns.com
Details	Domain	2	ns1.ititch.com
Details	Domain	1	stvl113289.earth.obox-dns.com
Details	Domain	1	ns1.bulletdns.net
Details	Domain	1	ns1.njal.la
Details	Domain	1	ns1.ipstates.net
Details	Domain	4	1-you.njalla.no
Details	Domain	46	firemail.cc
Details	Domain	1	ns1.nemohosts.com
Details	Domain	1	stvl113289.mercury.obox-dns.com
Details	Domain	1	ns4.ititch.com
Details	Domain	8	gmx.net
Details	Domain	7	europe.com
Details	Domain	3	ns1.carbon2u.com
Details	Domain	7	engineer.com
Details	Domain	2	apptaskserver.com
Details	Domain	11	post.com
Details	Domain	14	openmailbox.org
Details	Domain	4	1a7ea920.bitcoin-dns.hosting
Details	Domain	1	dvsservice.net
Details	Domain	1	rndversion.net
Details	Domain	1	dowstem.com
Details	Email	1	declan.jefferson@sapo.pt
Details	Email	1	htomary@cock.li
Details	Email	1	reynoso89@cock.li
Details	Email	1	elbertnagel@cock.li
Details	Email	1	gabrielromao@sapo.pt
Details	Email	1	loisoji@firemail.cc
Details	Email	1	k0koth@sapo.pt
Details	Email	1	istakav@cock.li
Details	Email	1	ezgune@cock.li
Details	Email	1	avramberkovic@centrum.cz
Details	Email	1	jul_marian@centrum.cz
Details	Email	1	kern82@gmx.net
Details	Email	1	wee7_nim@centrum.cz
Details	Email	1	abor.g.s@europe.com
Details	Email	1	cauel-mino@centrum.cz
Details	Email	1	ja.philip@centrum.cz
Details	Email	1	frfdccr42@centrum.cz
Details	Email	2	morata_al@mail.com
Details	Email	2	germsuz86@centrum.cz
Details	Email	1	ll1kllan@engineer.com
Details	Email	2	mahuudd@centrum.cz
Details	Email	1	laurent1983@mail.com
Details	Email	2	partanencomp@mail.com
Details	Email	2	olivier_servgr@mail.com
Details	Email	1	chpiost8n@post.com
Details	Email	1	milimil0702@mail.com
Details	Email	1	adam_corbett@mail.com
Details	Email	1	iflatley@openmailbox.org
Details	Email	1	craft030795@mail.com
Details	Email	1	pirlo.vasces@mail.com
Details	Email	1	fernando2011@post.com
Details	Email	1	guiromolly@mail.com
Details	Email	1	best.cameron@mail.com
Details	sha1	1	46ce0b05f302e0d855e9cc751100299345466581
Details	sha1	1	62e1045ae816b5f44cb43ab52ecb8e4534b63147
Details	sha1	1	1e185ee8ac3c3eafcc2b4d842ed5711b9c62a305
Details	sha1	1	43df735cfea482ffc27252ae08c94f359c499f69
Details	sha1	1	9d73605a130c377909fe463bc68ac83f73c04a46
Details	sha1	1	fcc696070de34157a02c46aa765c3c7969677fea
Details	sha1	1	126e9d0cf80badf7810859fc116267d40ed1c58b
Details	sha1	1	9153efa5001c67fdce4bb861f8758cd90b072901
Details	sha1	1	739e8cc0519aeeb8dd1417e45f9577bd394684f0
Details	sha1	1	ffd3a351d6d438405a917af66634091673bbd96b
Details	sha1	1	89bba1abb0078ffab8dbf2cfa85697b147d8223d
Details	sha1	1	3f17cbb5792e6b9ff8607b23bbc8ad40c735819c
Details	sha1	1	6860d7aabef2f2382476d9a350c225956bf351c7
Details	sha1	1	b86f517d347e53b3b7116682d7f36a3b77fa8bdf
Details	sha1	1	46330eac674b27a4f34ba6864a74bfef59998e5c
Details	sha1	1	551a8e0b504fa19e643dae39002bd0b91a5cfa7e
Details	sha1	1	2a71f7ed0de7b89f4a10d329227898edcd3af6ce
Details	sha1	1	b99346a7f7809578330e4763329209c2381d2f95
Details	sha1	1	ea3198f2ef8685a6f8a1303a55fdb7062a6f30b0
Details	sha1	1	b64268d418592d481e13ed6aa4dc233b9dbd486d
Details	sha1	1	9aa7508f1be201120511b1a4bc91e653c82df924
Details	sha1	1	d514a2a79a0e1a046846963797319fe8e00cdbeb
Details	sha1	1	2e53a96a63c8cc17f2824bcdf7c93d64dad45170
Details	sha1	1	b07d766664cfa183dba3ee32ab35ed32c7f501c2
Details	sha1	1	f9abac0f831e9ea43727a02810ebd6969e8e5951
Details	sha1	1	37ab57a30ffd3826a24acd2b3b596d7bf160960c
Details	sha1	1	1f2a652a68f9ae6a241aed55d80597222d6c2b21
Details	sha1	1	bd4255444ba646796c16e967ec0aa1dd95a7a0f2
Details	sha1	1	09ab2ae3ff9f175c18786656194a81be5d6ff732
Details	sha1	1	010e271b2c860caba78475f02edcd30d7a896383
Details	sha1	1	513587ce94be7d70b1f6661f22758ec6fd591d11
Details	sha1	1	8dc11f57d69a5583b196c28a9cf816e10a3fa327
Details	sha1	1	edb4339cdfa0b43d8ef5fb49cc9fdcbbbf2208be
Details	sha1	1	0153d822178cd0f0725a9a1438d5b2a49edfe71a
Details	sha1	1	d1a1d61806513cde9b2f8d817a55cc16384f490f
Details	sha1	1	9d54194ba9140c148b8b3eb900dfb7b11ec155e2
Details	sha1	1	9baf76a0a3a4ce78d3c2ce04e64cae0ea604c7aa
Details	sha1	1	7dcf45941d734b4c42c9a1f90d57e1c816610dff
Details	sha1	1	3bc30b4ff457d10651688140b0844fd0d17f4a64
Details	sha1	1	c201e616fe90ae2592c34de03611748510aba143
Details	sha1	1	f6ac5bd6aa52d96d8d413157fbfd1a6be7f65cb7
Details	sha1	1	5be56e0660a001a12c8ef250ff86369c50ca73a8
Details	sha1	1	ea8e4e7882a116ed43db4e5218efb2fd3ba2d116
Details	sha1	1	c3b7df9d2a4eb05d399c336eec4c6ff0688596bd
Details	sha1	1	c5ec8bb4bb5842930da935e13b9bee604e3b6182
Details	sha1	1	f65d9f8f385cf384cee24a6d04df600d575dd5f6
Details	sha1	1	7d5eaecc2c6865a1f846d03b6d3e0b649a36c2c1
Details	IPv4	1	191.101.31.96
Details	IPv4	1	87.121.52.162
Details	IPv4	1	151.80.74.170
Details	IPv4	1	151.80.74.167
Details	IPv4	1	146.185.253.131
Details	IPv4	1	179.43.160.184
Details	IPv4	2	92.222.136.105
Details	IPv4	1	89.34.111.160
Details	IPv4	1	185.216.35.26
Details	IPv4	1	149.255.35.6
Details	IPv4	1	149.255.35.7
Details	IPv4	1	89.37.226.105
Details	IPv4	1	185.86.148.57
Details	IPv4	1	23.227.196.21
Details	IPv4	2	146.185.253.132
Details	IPv4	1	176.223.111.10
Details	IPv4	1	87.120.37.25
Details	IPv4	1	176.223.165.217
Details	IPv4	1	185.86.148.212
Details	IPv4	1	89.33.246.117
Details	IPv4	1	89.44.103.18
Details	IPv4	1	95.215.45.43
Details	IPv4	1	95.215.47.226
Details	IPv4	1	173.243.112.202
Details	IPv4	1	91.108.68.171
Details	IPv4	1	103.41.177.44
Details	IPv4	1	195.12.50.163
Details	IPv4	1	89.42.212.141
Details	IPv4	1	146.0.43.98
Details	IPv4	1	185.156.173.70
Details	IPv4	1	95.215.47.162
Details	IPv4	1	86.105.1.121
Details	IPv4	3	87.236.215.134
Details	IPv4	1	89.45.67.26
Details	IPv4	1	86.105.1.13
Details	IPv4	2	89.45.67.20
Details	IPv4	1	62.113.232.197
Details	IPv4	1	176.223.111.237
Details	IPv4	2	46.102.152.132
Details	IPv4	1	179.43.128.75
Details	IPv4	1	86.105.18.146
Details	IPv4	1	87.236.215.21
Details	IPv4	1	191.96.249.31
Details	IPv4	1	95.215.44.247
Details	IPv4	1	95.215.44.240
Details	IPv4	3	51.254.76.54
Details	IPv4	3	185.86.148.14
Details	IPv4	1	51.254.158.57
Details	IPv4	1	87.236.215.5
Details	IPv4	1	185.61.149.24
Details	IPv4	1	80.83.115.187
Details	Threat Actor Identifier - APT	783	APT28