IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Securonix Threat Labs Security Advisory: New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities Dropping Multiple RAT Payloads Using Security Analytics

DATE : 2023-06-17T07:00:00
SOURCE : securonix.com

FILE_HASH_SHA256:
8674817912be90a09c5a0840cd2dff2606027fe8843eb868929fc33935f5511e
3783acc6600b0555dec5ee8d3cc4d59e07b5078dd33082c5da279a240e7c0e79
18C876A24913EE8FC89A146EC6A6350CDC4F081AC93C0477FF8FC054CC507B75
31960A45B069D62E951729E519E14DE9D7AF29CB4BB4FB8FEAD627174A07B425
02212f763b2d19e96651613d88338c933ddfd18be4cb7e721b2fb57f55887d64
5A11C5641C476891AA30E7ECFA57C2639F6827D8640061F73E9AFEC0ADBBD7D2
30951DB8BFC21640645AA9144CFEAA294BB7C6980EF236D28552B6F4F3F92A96
37C59C8398279916CFCE45F8C5E3431058248F5E3BEF4D9F5C0F44A7D564F82E
F9130B4FC7052138A0E4DBAAEC385EF5FAE57522B5D61CB887B0327965CCC02A
0E799B2F64CD9D10A4DFED1109394AC7B4CCC317A3C17A95D4B3565943213257
455ED920D79F9270E8E236F14B13ED4E8DB8DD493D4DABB05756C867547D8BC7
9C14375FBBCE08BCF3DC7F2F1100316B2FB745FA2C510F5503E07DB57499BFC8
B452A2BA481E881D10A9741A452A3F092DFB87BA42D530484D7C3B475E04DA11
AB0212F8790678E3F76ED90FBA5A455AC23FBB935CF99CABC2515A1D7277676F
4A834B03E7FAFFEF929A2932D8E5A1839190DF4D5282CEF35DA4019FE84B19A5
11408368F4C25509C24017B9B68B19CE5278681F6F12CE7DB992D3C6124B0A23

Domain:
lo3kcg.bl.files.1drv.com
alertra.com
blog.sevagas.com
codeproject.com
zero2auto.com

Url:
https://blog.sevagas.com/?Yet-another-sdclt-UAC-bypa
https://www.alertra.com/blog/decrypting-browser-passwords-other-secret
https://www.codeproject.com/Articles/1167943/The-Secrets-of-Internet-Explorer-Credential
https://www.codeproject.com/Articles/1167954/The-Secrets-of-Firefox-Credential
https://zero2auto.com/2020/08/20/dbatloader-modiloader-first-stage