IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Qakbot Evolves to OneNote Malware Distribution

DATE : 2023-03-01T07:00:00
SOURCE : trellix.com

FILE_HASH_MD5:

FILE_HASH_SHA1:

FILE_HASH_SHA256:

Domain:
system.net
xxxprofxxx.dnsdojo.com
xxxsthebagsxxx.mywire.org
ehonlionetodo.com

Url:
http://216.120.201.100/60852.dat
http://185.104.195.9/87084.dat