IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

New MuddyWater Campaigns After Operation Swords of Iron

DATE : 2024-04-01T07:00:00
SOURCE : malwation.com

FILE_HASH_SHA256:
e89f48a7351c01cbf2f8e31c65a67f76a5ead689bb11e9d4918090a165d4425f
ff2ae62ba88e7068fa142bbe67d7b9398e8ae737a43cf36ace1fcf809776c909
c2f95299d8aa912e1b753f3f0780a00ea6e8b5dab0245d77fcf3b6499677c328
77cb08c7889c7b0d443aeacfdcbc1cc6745d3e3441f4b42ddbf7fde6113491ae
638c7a4f833dc95dbab5f0a81ef03b7d83704e30b5cdc630702475cc9fff86a2
14c270cf53a50867e42120250abca863675d37abf39d60689e58288a9e870144
ffbe988fd797cbb9a1eedb705cf00ebc8277cdbd9a21b6efb40a8bc22c7a43f0
c6128f222f844e699760e32695d405bd5931635ec38ae50eddc17a0976ccefb4
dd2675e2f6835f8a8a0e65e9dbc763ca9229b55af7d212da38b949051ae296a5
cc4cc20b558096855c5d492f7a79b160a809355798be2b824525c98964450492

Domain:
ws.onehub.com
onehub.com
freeupload.store
filetransfer.io
egnyte.com
sync.com
terabox.com
karel.com.tr
chrchill.com
snyc.com
kinneretacil.egnyte.com

Url:
https://ws.onehub.com/files/4mbha9wdhttps://ws.onehub.com/files/kwdphknmhttps://kinneretacil.egnyte.com/fl/wERX5mfnFxhttps://kinneretacil.egnyte.com/fl/gRykrFURtEhttps://freeupload.store/rALE7/wIHItUcE08.msi/downloadhttps://filetransfer.io/data-package/tuMe19fV/download
https://www.gov.il/BlobFolder/reports/alert_1718/he/ALERT-CERT-IL-W-1718.pdf
https://app.threat.zone/submission/66b6a3b3-7a75-4bef-a8a2-355ed20eb503/dynamic-scan-report/overview
https://app.threat.zone/submission/c5fe6cc4-41a7-49f0-b3c7-c22298f5feaf/dynamic-scan-report/overview
https://app.threat.zone/submission/865323e6-e9da-4629-a7ee-827ef432e32b/dynamic-scan-report/overview