GHOSTPULSE Malware IOCs - Part 2 - SEC-1275-1
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Powershell - T1086 |
Common Information
| Type | Value |
|---|---|
| UUID | cad27759-bae3-42e1-9469-7793c47b6dbd |
| Fingerprint | a6ba43e24059bfca |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 24, 2024, midnight |
| Added to db | Oct. 24, 2024, 9:08 a.m. |
| Last updated | Dec. 17, 2024, 8:41 a.m. |
| Headline | GHOSTPULSE Malware IOCs - Part 2 |
| Title | GHOSTPULSE Malware IOCs - Part 2 - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 6/1/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/7134/ghostpulse-malware-iocs-part-2/?mtm_campaign=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | drawzhotdog.shop |
|
| Details | Domain | 4 | fragnantbui.shop |
|
| Details | Domain | 4 | ghostreedmnu.shop |
|
| Details | Domain | 4 | gutterydhowi.shop |
|
| Details | Domain | 4 | offensivedzvju.shop |
|
| Details | Domain | 4 | reinforcenh.shop |
|
| Details | Domain | 2 | riderratttinow.shop |
|
| Details | Domain | 4 | stogeneratmns.shop |
|
| Details | Domain | 4 | vozmeatillu.shop |
|
| Details | Domain | 2 | winrar01.b-cdn.net |
|
| Details | sha256 | 2 | 57ebf79c384366162cb0f13de0de4fc1300ebb733584e2d8887505f22f877077 |
|
| Details | sha256 | 2 | b54d9db283e6c958697bfc4f97a5dd0ba585bc1d05267569264a2d700f0799ae |