Rewterz Threat Alert – LokiBot Malware – IOCs - Rewterz
Tags
attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
Type | Value |
---|---|
UUID | f85cccf6-3f64-45f5-bc6e-61442f25c427 |
Fingerprint | 85b670658ad5dbdf |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Aug. 4, 2020, 5:50 p.m. |
Added to db | Dec. 19, 2024, 5:54 p.m. |
Last updated | Dec. 19, 2024, 8:18 p.m. |
Headline | Rewterz Threat Alert – LokiBot Malware – IOCs |
Title | Rewterz Threat Alert – LokiBot Malware – IOCs - Rewterz |
Detected Hints/Tags/Attributes | 21/1/12 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | goldrealestate.ga |
|
Details | Domain | 1 | 20greenkegheedahatakankeadeshnaastdyhma.duckdns.org |
|
Details | Domain | 5 | admindepartment.ir |
|
Details | Domain | 6 | admaris.ir |
|
Details | IPv4 | 1 | 103.141.138.119 |
|
Details | Url | 1 | http://103.141.138.119/chprvdoc/svchost.exe |
|
Details | Url | 1 | http://goldrealestate.ga/lee/gate.php |
|
Details | Url | 1 | http://103.141.138.119/receipt/invoice_41881218.doc |
|
Details | Url | 1 | http://goldrealestate.ga/ibiki/gate.php |
|
Details | Url | 1 | http://20greenkegheedahatakankeadeshnaastdyhma.duckdns.org/office360/regasm.exe |
|
Details | Url | 1 | http://admindepartment.ir/mazx/tsbuild.exe |
|
Details | Url | 1 | http://admaris.ir/bobbyx/daninetee.exe |