IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

NullMixer drops Redline Stealer, SmokeLoader and other malware

DATE : 2022-09-20T07:00:00
SOURCE : securelist.com

FILE_HASH_MD5:
98f0556a846f223352da516af66fa1a0

Domain:

Url: