IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching alone, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Phishy Business: Unraveling LabHost’s scam ecosystem

DATE : 2024-04-20T15:52:42
SOURCE : group-ib.com

FILE_HASH_SHA1:
cda695baad4be4f6067195395997360337a43d6f

Domain:

Url: