IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns only, without analyzing the context of the surrounding text; benign reference domains and URLs cited in the source article may therefore be listed alongside malicious ones. Manual review and validation of the extracted IoCs are essential before any action is taken on them.

Emotet Downloader Document Uses Regsvr32 for Execution

DATE: 2022-07-25T07:00:00
SOURCE: eclecticiq.com

FILE_HASH_SHA256:
625121dba58742d70d59010af2a452649101cc0d6a3c956352e0c19bf31c7fc3
21c6a8dd0d5bd96c8bca604069c74708be3b8e6fc1f41423e2af0aabe0435fc8

Domain:

Url: