ioc[.]one - OSINT Cyber Threat Intelligence Database

Report: Ransomware Command-and-Control Providers Unmasked by Halcyon Researchers

Tags

country:	Iran Russia United States Of America U.S. Virgin Islands
attack-pattern:	Models Ip Addresses - T1590.005 Remote Desktop Protocol - T1021.001 Virtual Private Server - T1583.003 Virtual Private Server - T1584.003 Remote Desktop Protocol - T1076

Show in Graph

Common Information

Type	Value
UUID	d2f8a3f5-cf84-4b5d-a84f-aadfafcc8414
Fingerprint	910800f9376496ef
Analysis status	DONE
Considered CTI value	0
Text language
Published	Aug. 1, 2023, midnight
Added to db	Aug. 3, 2023, 9:42 a.m.
Last updated	Aug. 31, 2024, 9:58 p.m.
Headline	Report: Ransomware Command-and-Control Providers Unmasked by Halcyon Researchers
Title	Report: Ransomware Command-and-Control Providers Unmasked by Halcyon Researchers
Detected Hints/Tags/Attributes	42/2/63

Source URLs

	Redirection	Url
Details	Source	https://www.halcyon.ai/blog/report-ransomware-command-and-control-providers-unmasked-by-halcyon-researchers

URL Provider

Details	Provider	Source level domain
Details	halcyon.ai	www.halcyon.ai

Attributes

Details	Type	#Events	Value
Details	Domain	1	mojimetigi.biz
Details	Domain	3	halcyon.ai
Details	File	3	halcyon.ai
Details	sha256	1	4d56e0a878b8a0f04462e7aa2a47d69a6f3a31703563025fb40fb82bab2a2f05
Details	sha256	1	b27ca5155e42e372d37cf2bcbb1f159627881ecbae2e51d41f414429599d37a7
Details	IPv4	1	23.19.58.181
Details	IPv4	1	139.177.146.152
Details	IPv4	1	172.93.201.120
Details	IPv4	1	104.237.193.40
Details	IPv4	1	104.237.193.56
Details	IPv4	1	104.237.194.152
Details	IPv4	1	104.237.219.32
Details	IPv4	1	104.237.219.40
Details	IPv4	1	167.88.4.0
Details	IPv4	1	167.88.4.112
Details	IPv4	1	167.88.4.16
Details	IPv4	1	167.88.4.24
Details	IPv4	1	167.88.4.8
Details	IPv4	1	172.86.120.0
Details	IPv4	1	172.93.179.8
Details	IPv4	1	172.93.179.24
Details	IPv4	1	172.93.179.32
Details	IPv4	1	172.93.179.40
Details	IPv4	1	172.93.179.72
Details	IPv4	1	172.93.179.96
Details	IPv4	1	172.93.179.104
Details	IPv4	1	172.93.179.112
Details	IPv4	1	172.93.179.120
Details	IPv4	1	172.93.179.128
Details	IPv4	1	172.93.179.144
Details	IPv4	1	172.93.179.152
Details	IPv4	1	172.93.179.160
Details	IPv4	1	172.93.179.176
Details	IPv4	1	172.93.179.184
Details	IPv4	1	172.93.179.192
Details	IPv4	1	172.93.179.200
Details	IPv4	1	172.93.179.208
Details	IPv4	1	172.93.179.224
Details	IPv4	1	172.93.179.232
Details	IPv4	1	172.93.179.240
Details	IPv4	1	172.93.179.248
Details	IPv4	1	172.93.181.0
Details	IPv4	1	172.93.193.0
Details	IPv4	1	172.93.201.0
Details	IPv4	1	172.93.204.120
Details	IPv4	1	172.93.205.128
Details	IPv4	1	172.93.205.136
Details	IPv4	1	172.93.205.144
Details	IPv4	1	64.44.101.0
Details	IPv4	1	64.44.102.0
Details	IPv4	1	64.44.134.0
Details	IPv4	1	64.44.134.16
Details	IPv4	1	64.44.134.24
Details	IPv4	1	64.44.134.32
Details	IPv4	1	64.44.134.40
Details	IPv4	1	64.44.134.48
Details	IPv4	1	64.44.134.56
Details	IPv4	1	64.44.135.0
Details	IPv4	1	64.44.140.232
Details	IPv4	1	64.44.141.0
Details	IPv4	1	64.44.51.168
Details	IPv4	1	64.44.97.0
Details	IPv4	1	64.44.98.0