Lunar Spider APT IOcs - SEC-1275-1
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 |
Common Information
| Type | Value |
|---|---|
| UUID | d81db086-0583-4dd9-8d2b-8ae7a6c44905 |
| Fingerprint | 178cec8fc86f0d53 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 11, 2024, midnight |
| Added to db | Nov. 11, 2024, 8:20 a.m. |
| Last updated | Nov. 12, 2024, 3:58 a.m. |
| Headline | Lunar Spider APT IOcs |
| Title | Lunar Spider APT IOcs - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 18/1/43 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/7949/lunar-spider-apt-iocs/?mtm_campaign=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | bazarunet.com |
|
| Details | Domain | 2 | eniloramesta.com |
|
| Details | Domain | 6 | greshunka.com |
|
| Details | Domain | 5 | isomicrotich.com |
|
| Details | Domain | 3 | obobobo.com |
|
| Details | Domain | 3 | opewolumeras.com |
|
| Details | Domain | 6 | peronikilinfer.com |
|
| Details | Domain | 4 | restoreviner.com |
|
| Details | Domain | 4 | rilomenifis.com |
|
| Details | Domain | 3 | sosachwaffen.com |
|
| Details | Domain | 7 | tiguanin.com |
|
| Details | Domain | 3 | grupotefex.com |
|
| Details | Domain | 3 | qasertol.club |
|
| Details | File | 3 | das.msi |
|
| Details | File | 2 | citroen.msi |
|
| Details | File | 3 | vpn.msi |
|
| Details | File | 6 | dsa.msi |
|
| Details | File | 3 | best.msi |
|
| Details | File | 3 | dlpagent.msi |
|
| Details | md5 | 3 | 275de1ee6e9c11cb920c879bf6a21339 |
|
| Details | md5 | 3 | 58393294f21c1006efe854eff1b652d5 |
|
| Details | sha256 | 5 | 1b9e17bfbd292075956cc2006983f91e17aed94ebbb0fb370bf83d23b14289fa |
|
| Details | sha256 | 4 | 28f5e949ecad3606c430cea5a34d0f3e7218f239bcfa758a834dceb649e78abc |
|
| Details | sha256 | 3 | 29549b75a198ad3aee4f8b9ea328bc9a73eb0e0d07e36775438bbe7268d453f9 |
|
| Details | sha256 | 4 | 6dabcf67c89c50116c4e8ae0fafb003139c21b3af84e23b57e16a975b7c2341f |
|
| Details | sha256 | 4 | 937d07239cbfee2d34b7f1fae762ac72b52fb2b710e87e02fa758f452aa62913 |
|
| Details | sha256 | 3 | c3f8ebc9cfb7ebe1ebbe3a4210753b271fecf73392fef98519b823a3e7c056c7 |
|
| Details | sha256 | 4 | ea1792f689bfe5ad3597c7f877b66f9fcf80d732e5233293d52d374d50cab991 |
|
| Details | sha256 | 4 | fb242f64edbf8ae36a4cf5a80ba8f21956409b448eb0380949bb9152373db981 |
|
| Details | IPv4 | 4 | 188.119.112.7 |
|
| Details | IPv4 | 3 | 188.119.113.152 |
|
| Details | IPv4 | 3 | 193.32.177.192 |
|
| Details | IPv4 | 4 | 45.14.244.124 |
|
| Details | IPv4 | 4 | 95.164.17.212 |
|
| Details | IPv4 | 4 | 188.119.112.115 |
|
| Details | Url | 4 | http://188.119.112.7/das.msi |
|
| Details | Url | 3 | http://188.119.113.152/citroen.msi |
|
| Details | Url | 3 | http://193.32.177.192/vpn.msi |
|
| Details | Url | 3 | http://45.14.244.124/dsa.msi |
|
| Details | Url | 4 | http://95.164.17.212/best.msi |
|
| Details | Url | 3 | https://188.119.112.115/dlpagent.msi |
|
| Details | Url | 3 | https://grupotefex.com/forms-pubs/about-form-w-4/?msclkid=275de1ee6e9c11cb920c879bf6a21339 |
|
| Details | Url | 2 | https://qasertol.club/forms-pubs/about-form-w-2/?msclkid=58393294f21c1006efe854eff1b652d5 |