IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware

DATE : 2023-12-01T07:00:00
SOURCE : securonix.com

FILE_HASH_SHA256:
8937A510446ED36717BB8180E5E4665C0C5D5BC160046A31B28417C86FB1BA0F
9D576CD022301E7B0C07F8640BDEB55E76FA2EB38F23E4B9E49E2CDBA5F8422D
867143A1C945E7006740422972F670055E83CC0A99B3FA71B14DEABABCA927FE
80BF2731A81C113432F061B397D70CAC72D907C39102513ABE0F2BAE079373E4
75975B0C890F804DAB19F68D7072F8C04C5FE5162D2A4199448FC0E1AD03690B
C576F7F55C4C0304B290B15E70A638B037DF15C69577CD6263329C73416E490E
4C83E46A29106AFBAF5279029D102B489D958781764289B61AB5B618A4307405
0A2CFFFB353B1F14DD696F8E86EA453C49FA3EB35F16E87FF13ECDF875206897
74CC7B9F881CA76CA5B7F7D1760E069731C0E438837E66E78AEE0812122CB32D
947AFAA9CD9C97CABD531541107D9C16885C18DF1AD56D97612DDBC628113AB5
95A73B9FDA6A1669E6467DCF3E0D92F964EDE58789C65082E0B75ADF8D774D66
A3D865789D2BAE26726B6169C4639161137AEF72044A1C01647C521F09DF2E16
E93F3C72A0D605EF0D81E2421CCA19534147DBA0DDED2EE29048B7C2EB11B20A
CC54096FB8867FF6A4F5A5C7BB8CC795881375031EED2C93E815EC49DB6F4BFF
68ED5F4B4EABD66190AE39B45FFF0856FBA4B3918B44A6D831A5B9120B48A1E9
42396CE27E22BE8C2F0620EE61611D7F86DFE9543D2F2E2AF3EF5E85613CEE32
F9F6C453DA12C8FF16415C9B696C2E7DF95A46E9B07455CD129CE586B954870D
569E3B6EAC58C4E694A000EB534B1F33508A8B5DE8A7AD3749C24727CC878F4D
2D27F57B4F193A563443ACC7FE0CBF611F4FF0F1171FCBDF16C3ECEF8F9DBEDB
2B68FE68104359E1BC044DB33B4E88B913E4F5BE69DA9FD6E87EA59A50311E6E
11259F77F4E477CD066008FBFC7C31D5BBDC9EF708C4B255791EE380999A725C
BD1C3303D13CADF8BBD6200597E9D365EC3C05F1F48052CD47DCD69E77C94378
CD5A2EC1A95D754EE5189BFEE6E1F61C76A0A5EE8173DA273E02F24A62FACCFA
BEC3F75F638025A5FE3B8D278856FD273999C49AE7543C109205879B59AFC4C3
2AC044936A922455C80E93F76CC3E2CE539FDAB1AF65C0703B57177FEB5326A6
FBC9BA3BA7387C38EB9832213B2D87CF5F9FC2BA557E6FDF23556665CA3EF44A
08F827A63228D7BCD0D02DD131C1AE29BC1D9C3619BE67EA99D8A62440BE57AB

Domain:
gelsd.com
tech.hindustantimes.com

Url:
https://tech.hindustantimes.com/tech/news/government-warns-internet-users-about-akira-ransomware-hackers-using-anydesk-winrar-71690168901674.html
https://www.ired.team/offensive-security/credential-access-and-credential-dumping/forcing-wdigest-to-store-credentials-in-plaintext