ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs

Tags

country:	Russia Ukraine
attack-pattern:	Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Template Injection - T1221 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	d3d56d0f-ab08-430e-b725-81abe3db95e3
Fingerprint	a62701f199916f09
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 2, 2023, 11:56 a.m.
Added to db	June 5, 2023, 2:44 p.m.
Last updated	Sept. 2, 2024, 10:01 p.m.
Headline	Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
Title	Rewterz Threat Alert – APT Group Gamaredon aka Shuckworm – Active IOCs
Detected Hints/Tags/Attributes	47/2/16

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-apt-group-gamaredon-aka-shuckworm-active-iocs-3/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	365	✔	—	https://www.rewterz.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		countless7.absorbeni.ru
Details	Domain	1		countless76.absorbeni.ru
Details	md5	1		bfe2351f2b487c0f357af561792119d5
Details	md5	1		0007bbfd8f5cb8aaad177a475e91cc5c
Details	md5	1		668ec9956c046dbddbd0014e768c50c5
Details	md5	1		44d6644ac271c3fbf7a5522f17ecaa49
Details	sha1	1		affc1f00c2dcc37cc0e3da1c69faaa5355e71514
Details	sha1	1		fe7b1b80dad4aa5e2bd86a6218d4397b274f9277
Details	sha1	1		65565b83dbcba54d231ad53c04c1135f372f3387
Details	sha1	1		fa1f5cf3186661856f2267026f99062eb72a25ed
Details	sha256	1		b5a04e7f45c993f50320bd5beff5f709eb88e5782b0560497653edcff25967d6
Details	sha256	1		c0042307439926f9b5c574d03f522356575906fe5e31c6b7c34e906482c5c459
Details	sha256	1		2d831996a9a719e14d6b700c1324b0a7571aa36638174f10190c2474d16905ea
Details	sha256	1		3b46daabaca50c0e36742b35e7be6279daf4d88497cf32586eb945ea9e60a3fd
Details	Url	1		http://countless7.absorbeni.ru/user-pc/prey/percent/soul/prey/percent.7meb
Details	Url	1		http://countless76.absorbeni.ru/user-pc/soul/percent.76meb