IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Educated Manticore – Iran Aligned Threat Actor Targeting Israel via Improved Arsenal of Tools – Check Point Research

DATE : 2023-04-20T07:00:00
SOURCE : checkpoint.com

FILE_HASH_MD5:
1D1FB0BB21B94FC0B017A4DADA231E17
34624051816246d4a1a7f225d966d139
7e58169ee59d46e7a2be023e728c6205
bb14611f7aae441fb78f2ca919b800b5

FILE_HASH_SHA256:

Domain:
subinfralab.info
deersharpfork.info
system.net
blackturtle.hopto.org

Url:
https://subinfralab.info/qaMspFbEmg
https://subinfralab.info/hgAdDiLmnB
https://deersharpfork.info/dw85fgxtvzq/download/i/34624051816246d4a1a7f225d966d139/7e58169ee59d46e7a2be023e728c6205.jpg
https://deersharpfork.info/dw85fgxtvzq/download/f/bb14611f7aae441fb78f2ca919b800b5/7e58169ee59d46e7a2be023e728c6205