IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations | CISA

DATE : 2022-09-08T07:00:00
SOURCE : cisa.gov

CVE:
cve-2018-13379
cve-2020-12812
cve-2019-5591
cve-2021-34473
cve-2021-34523
cve-2021-31207
cve-2021-44228
cve-2021-45046
cve-2021-45105
cve-2021-31206
cve-2021-33768
cve-2021-33766
cve-2021-34470
cve-2021-31196

FILE_HASH_MD5:
d2f4647a3749d30a35d5a8faff41765e
2e1e17a443dc713f13f45a9646fc2179
49c71178fa212012d710f11a0e6d1a30
5f098b55f94f5a448ca28904a57c0e58
7ac4633bf064ebba9666581b776c548f
ee8fd6c565254fe55a104e67cf33eaea
cacb64bdf648444e66c82f5ce61caf4b
5b646edb1deb6396082b214a1d93691b
0f8b592126cc2be0e9967d21c40806bc
9a3703f9c532ae2ec3025840fa449d4e
68f58e442fba50b02130eedfc5fe4e5b
298d41f01009c6d6240bc2dc7b769205
b04b97e7431925097b3ca4841b894139
7b0b88796da512986327ff66426544ca
bd131ebfc44025a708575587afeebbf3
f0be699c8aafc41b25a8fc0974cc4582
7fdc2d007ef0c1946f1f637b87f81590

FILE_HASH_SHA1:
0f676bc786db3c44cac4d2d22070fb514b4cb64c
e75bfc0dd779d9d8ac02798b090989c2f95850dc
226f0fbb80f7a061947c982ccf33ad65ac03280f
27102b416ef5df186bd8b35190c2a4cc4e2fbf37
524443dd226173d8ba458133b0a4084a172393ef
24ed561a1ddbecd170acf1797723e5d3c51c2f5d
3a6431169073d61748829c31a9da29123dd61da8
763ca462b2e9821697e63aa48a1734b10d3765ee

FILE_HASH_SHA256:
559d4abe3a6f6c93fc9eae24672a49781af140c43d491a757c8e975507b4032e
bcc2e4d96e7418a85509382df6609ec9a53b3805effb7ddaed093bdaf949b6ea
668ec78916bab79e707dc99fdecfa10f3c87ee36d4dee6e3502d1f5663a428a0
d14d546070afda086a1c7166eaafd9347a15a32e6be6d5d029064bfa9ecdede7
c1723fcad56a7f18562d14ff7a1f030191ad61cd4c44ea2b04ad57a7eb5e2837
12c6da07da24edba13650cd324b2ad04d0a0526bb4e853dee03c094075ff6d1a
17e95ecc7fedcf03c4a5e97317cfac166b337288562db0095ccd24243a93592f

Domain:
onionmail.org
rambler.ru
cyber.gov.au
cyber.gc.ca
ncsc.gov.uk
stopransomware.gov
newdesk.top
symantecserver.co
msupdate.us
msupdate.top
gupdate.us
buylap.top
winstore.us
tcp443.org
upmirror.top