IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Securonix Threat Labs Security Advisory: New OCX#HARVESTER Attack Campaign Leverages Modernized More_eggs Suite to Target Victims

DATE : 2023-04-19T07:00:00
SOURCE : securonix.com

FILE_HASH_SHA256:

Domain:
telemistry.net
ukmedia.store
windowsupdatebg.s.llnwi.net
securityintelligence.com
lolbas-project.github.io

Url:
http://193.149.185.229/sas.php?name=REDACTED_HOSTNAME
https://securityintelligence.com/posts/more_eggs-anyone-threat-actor-itg08-strikes-agai
https://quointelligence.eu/2020/07/golden-chickens-evolution-of-the-maa
https://lolbas-project.github.io/lolbas/Binaries/Ie4uinit
https://lolbas-project.github.io/lolbas/OtherMSBinaries/Msxsl