IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Dog Hunt: Finding Decoy Dog Toolkit via Anomalous DNS Traffic

DATE : 2023-04-21T07:00:00
SOURCE : infoblox.com

FILE_HASH_MD5:
3e4bae3b6d0addd08553fcbd8a2e2d24

FILE_HASH_SHA1:
57edc8b94c7595c41b24fc0c9b44a13f4ce945e4

FILE_HASH_SHA256:
e47db5ef2a23a156856b5ea3b156a32fc8b26fb1a5c496f62e74c8ca8bf4b924
84a2ed4270aaee360019f8136e464fbddb83d20ade79b43b712c711a632dfa14
fa075deeb0af84792a08f6be728ea15f1cf6183443cc5ee8a0632c7b4209675f
4996180b2fa1045aab5d36f46983e91dadeebfd4f765d69fa50eba4edf310acf
0375f4b3fe011b35e6575133539441009d015ebecbee78b578c3ed04e0f22568
a5c76a85c67fd7d81c9945432c4cace45014f68703bdcdd688f7cd3943db326a
85cdad039eaded7cabd7264e5f2a61dc57cadeead7019f476792d844d7c2934e

Domain:
blog.apnic.net
freedns.afraid.org
changeip.com
rfc-editor.org
tinyurl.com
xkcd.com
herdprotect.com
cbox4.ignorelist.com
claudfront.net
atlas-upd.com
allowlisted.net
wmssh.com
tzzjim3fv6dsgplfphfq9999.ouazdkj356dbfqeel11q9.cbox4.ignorelist.com
xg7d6df13a5efb41a09a7377211664afd6.dlszywz.com
8.com
3e4bae3b6d0addd08553fcbd8a2e2d24.mapdatamsnsdn.info
secure-access-7205bhevc287do2b9.gate40.xyz
jmaa55pmyg6xoce5ikr5fc6q8.conniejmoore.com
ignorelist.com
ping5.atlas-upd.com
fqeel11q9.cbox4.ignorelist.com
tvrhsa9.claudfront.net
jkq9.allowlisted.net
ns1.claudfront.net
ns2.claudfront.net
ns1.atlas-upd.com
ns2.atlas-upd.com
ns1.allowlisted.net
ns2.allowlisted.net
wua.40xhtgh.wmssh.com
qq.74lmth4.wmssh.com
rgk.74lmth4.wmssh.com
dongtaiwang.com
ping5.atlas-upd.net

Url:
https://blog.apnic.net/2016/04/04/dns-zombie
https://t.me/cybersquattingchannel/2969
https://freedns.afraid.org
http://www.changeip.com
https://www.rfc-editor.org/rfc/rfc4648
https://tinyurl.com/ddoglinkedi
https://xkcd.com/195
https://www.herdprotect.com/fg740p.exe-57edc8b94c7595c41b24fc0c9b44a13f4ce945e4.aspx