IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

The Darkgate Menace: Autohotkey Exploitation and Smartscreen Evasion

DATE : 2024-05-13T12:44:44
SOURCE : mcafee.com

CVE:
CVE-2023-36025
CVE-2024-21412

FILE_HASH_SHA256:

Domain:
withupdate.com

Url:
http://withupdate.com/oudowibspr
http://withupdate.com/rwlwiwbv
http://withupdate.com/bisglrk