ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Financial Theft - T1657 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Software - T1592.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	f33c2636-1994-4030-8966-d657f0a7b9d2
Fingerprint	c6690da52c855fec
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 19, 2023, 7:16 a.m.
Added to db	May 2, 2023, 11:20 a.m.
Last updated	Sept. 4, 2024, 6:12 p.m.
Headline	Rewterz Threat Alert – Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
Title	Rewterz Threat Alert – Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
Detected Hints/Tags/Attributes	44/2/58

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-rewterz-threat-alert-qakbot-aka-pinkslipbot-or-qbot-malware-active-iocs/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	365	✔	—	https://www.rewterz.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	aicempresas.cl
Details	Domain	1	moskva.zip
Details	Domain	1	aiff.jo
Details	Domain	1	alirsyad-karawang.or.id
Details	Domain	1	alpinebear.com
Details	Domain	1	apprendaextra.site
Details	Domain	1	artesting.co.uk
Details	Domain	1	babcockjames.com
Details	Domain	1	bafabogados.cl
Details	Domain	1	bakhtaragc.com.af
Details	File	1	moskva.zip
Details	File	1	funk.dat
Details	md5	1	73199fafb60857d7e82e8276053e2e4c
Details	md5	1	6418c9335d34e7a3b5cab64b20813932
Details	md5	1	6dc6d985f38562dc3d835207d2557403
Details	md5	1	7cedf8d750a0a1b8a6493920dee17303
Details	sha1	1	b261d0d8754bed97feb326c06ed4d6d410606b02
Details	sha1	1	3f62a9c5c53262f4845ec8eb438e9d1cf0026219
Details	sha1	1	6f40721f28e724698c4997682964f72371468da4
Details	sha1	1	e757f40759b048a22282293330edeb6aa8e9d27e
Details	sha256	1	b751b2eac3339971150467ad376b337fb21accbd8f66e01b5f5f938fa5038cf7
Details	sha256	1	113dd6f01a7cc01f5bee1bb10e5c9c9330d123758f02e686e71f49681e60f2a9
Details	sha256	1	67d6c8d4a4759c03b32f4e2d185b03e58aa4c0607bb055a51aad6d8300ecbbb0
Details	sha256	1	3d160a9175a4846b5d6b2b6819746113053346506d40911d06df6afb7bccc47c
Details	IPv4	1	128.254.207.60
Details	IPv4	1	216.120.201.169
Details	IPv4	1	216.238.80.217
Details	IPv4	1	45.125.67.156
Details	IPv4	1	94.131.10.39
Details	IPv4	1	193.42.38.141
Details	IPv4	1	176.202.45.209
Details	IPv4	2	72.203.216.98
Details	IPv4	1	136.232.184.134
Details	IPv4	5	183.87.163.165
Details	IPv4	1	2.82.8.80
Details	IPv4	1	68.173.170.110
Details	IPv4	1	100.10.72.114
Details	IPv4	6	12.172.173.82
Details	IPv4	2	92.189.214.236
Details	IPv4	1	84.108.200.161
Details	IPv4	2	86.225.214.138
Details	IPv4	2	147.219.4.194
Details	IPv4	1	45.243.231.146
Details	Url	1	http://aicempresas.cl/sync/moskva.zip
Details	Url	1	http://aiff.jo/sync/moskva.zip
Details	Url	1	http://alirsyad-karawang.or.id/sync/moskva.zip
Details	Url	1	http://alpinebear.com/sync/moskva.zip
Details	Url	1	http://apprendaextra.site/sync/moskva.zip
Details	Url	1	http://artesting.co.uk/sync/moskva.zip
Details	Url	1	http://babcockjames.com/sync/moskva.zip
Details	Url	1	http://bafabogados.cl/sync/moskva.zip
Details	Url	1	http://bakhtaragc.com.af/sync/moskva.zip
Details	Url	1	http://128.254.207.60/funk.dat
Details	Url	1	http://216.120.201.169/funk.dat
Details	Url	1	http://216.238.80.217/funk.dat
Details	Url	1	http://45.125.67.156/funk.dat
Details	Url	1	http://94.131.10.39/funk.dat
Details	Url	1	http://193.42.38.141/funk.dat