IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

VexTrio at the Center of Affiliate Cybercrime Program | Infoblox

DATE : 2024-01-23T07:00:00
SOURCE : infoblox.com

FILE_HASH_SHA1:
bbbe8b316bd91375526d83841483fc9a11904255

FILE_HASH_SHA256:
e2bb1401d6b8d6038ff8411fd0f6280890ecd1f32e3e90f4c7fededf28301339

Domain:
rmceoin.github.io
malwarebytes.com
nozominetworks.com
blog.sucuri.net
doi.org
blog.leadbit.com
decoded.avast.io
publicwww.com
logsmetrics.com
webdatatrace.com
prom-gg.com
go.clicksme.org
machinetext.org
greatbonushere.top
tiktok.megastok.top
antibotcloud.com
antibot.cloud
tinyurl.com
t.co
benaughty.com
beget.ru
hixastump.com
a.crystalcraft.top
marybskitchen.com
getquery.org
quaryget.org
greenpapers.org
dailytickyclock.org
tiktok.supersbows.us
tiktok.tomorrows.top
tiktok.superbowsm.top
d.strouchridun.top
claimyourprize48.live

Url:
https://rmceoin.github.io/malware-analysis/clearfake
https://www.malwarebytes.com/blog/threat-intelligence/2023/07/socgholish-copycat-delivers-netsupport-rat
https://www.nozominetworks.com/blog/tracking-malicious-glupteba-activity-through-the-blockchai
https://blog.sucuri.net/2023/08/from-google-dns-to-tech-support-scam-sites-unmasking-the-malware-trail.html
https://doi.org/10.1145/3442381.3450071
https://blog.leadbit.com/tds-what-is-it
https://decoded.avast.io/janrubin/parrot-tds-takes-over-web-servers-and-threatens-millio
https://publicwww.com/websites/depth%3A0%22b64_to_utf8%22