Rewterz Threat Alert – Lokibot IOCs - Rewterz
Tags
attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 |
Common Information
Type | Value |
---|---|
UUID | d08c19f2-9218-49a6-b0e4-635201f39f5a |
Fingerprint | a5966071ca9feb4f |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Sept. 1, 2020, 6 p.m. |
Added to db | Dec. 19, 2024, 5:23 a.m. |
Last updated | Dec. 19, 2024, 8:18 p.m. |
Headline | Rewterz Threat Alert – Lokibot IOCs |
Title | Rewterz Threat Alert – Lokibot IOCs - Rewterz |
Detected Hints/Tags/Attributes | 21/1/12 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.rewterz.com/rewterz-news/rewterz-threat-alert-lokibot-iocs-2 |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 2 | joovy.ga |
|
Details | Domain | 1 | greenstdykegheedahatakankeadeshnaa27gqc.duckdns.org |
|
Details | Domain | 3 | s3.rokket.space |
|
Details | Domain | 4 | mecharnise.ir |
|
Details | Domain | 1 | www.onlygodem.com |
|
Details | IPv4 | 1 | 103.125.191.78 |
|
Details | Url | 1 | http://joovy.ga/ibiki/gate.php |
|
Details | Url | 1 | http://greenstdykegheedahatakankeadeshnaa27gqc.duckdns.org/office360/regasm.exe |
|
Details | Url | 1 | https://s3.rokket.space/t_bu3clg.txt |
|
Details | Url | 1 | http://103.125.191.78/receipt/invoice_85258.doc |
|
Details | Url | 1 | http://mecharnise.ir/urg/fre.php |
|
Details | Url | 1 | http://www.onlygodem.com/urg.exe |