Head Mare APT IOCs - SEC-1275-1
Tags
attack-pattern: | Data Powershell - T1059.001 Powershell - T1086 |
Common Information
Type | Value |
---|---|
UUID | d20a5176-7add-4cb8-84b8-314d07f2fbdd |
Fingerprint | 4638d5e903c7495b |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Dec. 11, 2024, midnight |
Added to db | Dec. 11, 2024, 7:11 a.m. |
Last updated | Dec. 19, 2024, 6:11 p.m. |
Headline | Head Mare APT IOCs |
Title | Head Mare APT IOCs - SEC-1275-1 |
Detected Hints/Tags/Attributes | 10/1/30 |
Source URLs
Redirection | Url |
---|---|
Source | https://1275.ru/ioc/8376/head-mare-apt-iocs-2/?mtm_campaign=rss |
URL Provider
Provider | Source level domain |
---|---|
1275.ru | 1275.ru |
RSS Feed
Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|
8 | ✔ | IOC Archives - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|