Identify Infrastructure Linked To LockBit 3.0 Ransomware Affiliates By ZoomEye Enhanced New Syntax
Tags
| country: | China |
| attack-pattern: | Data Model Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 |
Common Information
| Type | Value |
|---|---|
| UUID | b416be23-8e52-4615-9448-01b718117d40 |
| Fingerprint | 99904113c13837e2 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 21, 2024, 7:49 a.m. |
| Added to db | Nov. 21, 2024, 9:12 a.m. |
| Last updated | Nov. 22, 2024, 10:39 p.m. |
| Headline | Identify Infrastructure Linked To LockBit 3.0 Ransomware Affiliates By ZoomEye Enhanced New Syntax |
| Title | Identify Infrastructure Linked To LockBit 3.0 Ransomware Affiliates By ZoomEye Enhanced New Syntax |
| Detected Hints/Tags/Attributes | 50/2/146 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 400 | asp.net |
|
| Details | Domain | 1 | tgekh.com |
|
| Details | Domain | 3 | inforussia.org |
|
| Details | Domain | 1 | konghuo.com.cn |
|
| Details | Domain | 1 | romanet-alu.fr |
|
| Details | Domain | 1 | lyufulreamagmalaw.site |
|
| Details | Domain | 1 | hello.machine-from-china.com |
|
| Details | Domain | 1 | smartcompcloud.com |
|
| Details | Domain | 1 | hidessh.com |
|
| Details | Domain | 1 | webstar-hosting.com |
|
| Details | Domain | 3 | vlast-news.com |
|
| Details | Domain | 3 | cabinet-salyk.kz |
|
| Details | Domain | 1 | myheavy.ddns.net |
|
| Details | Domain | 1 | doit.heavygolden.top |
|
| Details | Domain | 1 | mountinnovate.com |
|
| Details | Domain | 1 | smoothb2b.com |
|
| Details | Domain | 1 | amirieh-clinic.ir |
|
| Details | Domain | 1 | parsehvpnbot.ardafil.com |
|
| Details | Domain | 1 | persianboy.hamayounet.shop |
|
| Details | Domain | 3 | jumia-egy.com |
|
| Details | Domain | 1 | crack.kaliboy.site |
|
| Details | Domain | 474 | www.cisa.gov |
|
| Details | Domain | 3 | osintteam.blog |
|
| Details | Domain | 4 | www.zoomeye.hk |
|
| Details | Domain | 213 | mp.weixin.qq.com |
|
| Details | Domain | 2 | scamalytics.com |
|
| Details | File | 33 | ssl.cer |
|
| Details | sha1 | 1 | 640d37de9314ba0d6dff8b029b0d2e2c19ded001 |
|
| Details | sha1 | 1 | 5edb0e19008feae8d487989fed4984ed299a565d |
|
| Details | sha1 | 1 | 949d2578b3e336f2aeac1c8a92441c911084e53f |
|
| Details | IPv4 | 2 | 185.17.40.178 |
|
| Details | IPv4 | 1 | 146.70.100.81 |
|
| Details | IPv4 | 1 | 146.70.101.106 |
|
| Details | IPv4 | 1 | 146.70.104.172 |
|
| Details | IPv4 | 1 | 146.70.106.171 |
|
| Details | IPv4 | 2 | 146.70.106.174 |
|
| Details | IPv4 | 1 | 146.70.106.73 |
|
| Details | IPv4 | 1 | 146.70.106.76 |
|
| Details | IPv4 | 1 | 146.70.106.86 |
|
| Details | IPv4 | 1 | 146.70.116.9 |
|
| Details | IPv4 | 1 | 146.70.124.70 |
|
| Details | IPv4 | 1 | 146.70.125.107 |
|
| Details | IPv4 | 1 | 146.70.125.121 |
|
| Details | IPv4 | 1 | 146.70.125.82 |
|
| Details | IPv4 | 1 | 146.70.125.83 |
|
| Details | IPv4 | 1 | 146.70.139.229 |
|
| Details | IPv4 | 1 | 146.70.139.231 |
|
| Details | IPv4 | 1 | 146.70.160.57 |
|
| Details | IPv4 | 1 | 146.70.169.144 |
|
| Details | IPv4 | 1 | 146.70.169.159 |
|
| Details | IPv4 | 1 | 146.70.20.218 |
|
| Details | IPv4 | 1 | 146.70.78.40 |
|
| Details | IPv4 | 1 | 146.70.86.235 |
|
| Details | IPv4 | 1 | 146.70.86.51 |
|
| Details | IPv4 | 2 | 146.70.86.61 |
|
| Details | IPv4 | 1 | 185.17.40.153 |
|
| Details | IPv4 | 1 | 185.17.40.188 |
|
| Details | IPv4 | 1 | 185.244.212.103 |
|
| Details | IPv4 | 1 | 188.208.141.197 |
|
| Details | IPv4 | 1 | 194.15.216.219 |
|
| Details | IPv4 | 1 | 194.15.216.23 |
|
| Details | IPv4 | 1 | 194.15.216.232 |
|
| Details | IPv4 | 1 | 194.15.216.78 |
|
| Details | IPv4 | 1 | 194.37.97.179 |
|
| Details | IPv4 | 2 | 217.138.215.79 |
|
| Details | IPv4 | 2 | 217.138.215.85 |
|
| Details | IPv4 | 3 | 23.227.198.203 |
|
| Details | IPv4 | 1 | 37.28.156.21 |
|
| Details | IPv4 | 1 | 37.28.156.23 |
|
| Details | IPv4 | 1 | 37.28.157.16 |
|
| Details | IPv4 | 1 | 37.28.157.35 |
|
| Details | IPv4 | 1 | 37.28.157.38 |
|
| Details | IPv4 | 1 | 69.46.15.167 |
|
| Details | IPv4 | 1 | 78.135.73.154 |
|
| Details | IPv4 | 1 | 78.135.73.167 |
|
| Details | IPv4 | 1 | 84.252.94.179 |
|
| Details | IPv4 | 1 | 84.252.95.224 |
|
| Details | IPv4 | 1 | 84.252.95.254 |
|
| Details | IPv4 | 1 | 89.238.170.250 |
|
| Details | IPv4 | 1 | 89.40.206.90 |
|
| Details | IPv4 | 1 | 89.44.201.69 |
|
| Details | IPv4 | 1 | 89.44.9.88 |
|
| Details | IPv4 | 1 | 91.206.178.75 |
|
| Details | IPv4 | 1 | 193.108.4.76 |
|
| Details | IPv4 | 1 | 185.62.57.11 |
|
| Details | IPv4 | 1 | 145.0.6.14 |
|
| Details | IPv4 | 1 | 20.242.52.93 |
|
| Details | IPv4 | 1 | 54.163.53.159 |
|
| Details | IPv4 | 1 | 66.109.142.164 |
|
| Details | IPv4 | 1 | 94.103.183.224 |
|
| Details | IPv4 | 1 | 185.80.91.150 |
|
| Details | IPv4 | 627 | 0.0.0.0 |
|
| Details | IPv4 | 1 | 176.32.39.22 |
|
| Details | IPv4 | 1 | 185.246.118.114 |
|
| Details | IPv4 | 1 | 194.147.87.221 |
|
| Details | IPv4 | 1 | 194.87.68.164 |
|
| Details | IPv4 | 1 | 194.87.68.88 |
|
| Details | IPv4 | 1 | 194.87.69.245 |
|
| Details | IPv4 | 1 | 195.133.52.206 |
|
| Details | IPv4 | 1 | 45.129.2.242 |
|
| Details | IPv4 | 1 | 45.129.2.63 |
|
| Details | IPv4 | 1 | 45.129.3.107 |
|
| Details | IPv4 | 1 | 45.130.147.73 |
|
| Details | IPv4 | 1 | 45.131.46.193 |
|
| Details | IPv4 | 1 | 45.140.19.105 |
|
| Details | IPv4 | 1 | 45.8.159.172 |
|
| Details | IPv4 | 1 | 46.17.41.17 |
|
| Details | IPv4 | 1 | 46.29.162.81 |
|
| Details | IPv4 | 1 | 46.29.163.230 |
|
| Details | IPv4 | 1 | 146.70.158.198 |
|
| Details | IPv4 | 1 | 194.15.216.113 |
|
| Details | IPv4 | 1 | 146.70.135.159 |
|
| Details | IPv4 | 1 | 146.70.158.171 |
|
| Details | IPv4 | 1 | 146.70.35.144 |
|
| Details | IPv4 | 1 | 146.70.35.164 |
|
| Details | IPv4 | 1 | 146.70.35.169 |
|
| Details | IPv4 | 1 | 146.70.35.242 |
|
| Details | IPv4 | 1 | 146.70.35.243 |
|
| Details | IPv4 | 1 | 146.70.35.250 |
|
| Details | IPv4 | 1 | 185.156.172.103 |
|
| Details | IPv4 | 1 | 185.156.172.18 |
|
| Details | IPv4 | 3 | 185.156.172.20 |
|
| Details | IPv4 | 3 | 185.156.172.48 |
|
| Details | IPv4 | 1 | 185.156.172.67 |
|
| Details | IPv4 | 1 | 185.156.172.72 |
|
| Details | IPv4 | 1 | 185.200.119.98 |
|
| Details | IPv4 | 1 | 37.120.238.16 |
|
| Details | IPv4 | 1 | 37.120.239.224 |
|
| Details | IPv4 | 1 | 37.120.239.72 |
|
| Details | IPv4 | 1 | 79.110.52.133 |
|
| Details | IPv4 | 3 | 79.110.52.196 |
|
| Details | IPv4 | 1 | 79.110.52.233 |
|
| Details | IPv4 | 1 | 79.110.52.26 |
|
| Details | IPv4 | 1 | 79.110.52.32 |
|
| Details | IPv4 | 1 | 79.110.52.45 |
|
| Details | IPv4 | 1 | 79.110.52.60 |
|
| Details | IPv4 | 1 | 79.110.52.74 |
|
| Details | IPv4 | 1 | 79.110.52.76 |
|
| Details | IPv4 | 1 | 79.110.52.80 |
|
| Details | IPv4 | 1 | 79.110.52.95 |
|
| Details | Url | 2 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a |
|
| Details | Url | 1 | https://osintteam.blog/infrastructure-analysis-lockbit-3-0-799a4ff1ca59 |
|
| Details | Url | 1 | https://www.zoomeye.hk/v2 |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/um-5rcnc4m5pvshbr_dcvq |
|
| Details | Url | 1 | https://scamalytics.com/ip/isp/m247-europe-srl |
|
| Details | Url | 1 | https://scamalytics.com/ip/isp/artnet-sp-z-o-o |