IoC Extractor
This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.
GobRAT malware written in Go language targeting Linux routers – JPCERT/CC Eyes
DATE : 2023-06-02T07:00:00
SOURCE : or.jp
FILE_HASH_MD5:050CFE3706380723433807193E03FE2F
Domain:su.vealcat.com
ktlvz.dnsfailover.net
aaa.com
wpksi.mefound.com
go.dev
Url:https://su.vealcat.com
http://su.vealcat.com:58888
https://ktlvz.dnsfailover.net
http://ktlvz.dnsfailover.net:58888
https://go.dev/blog/go