IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching alone, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Threat analysis: Follina exploit fuels ‘live-off-the-land’ attacks

DATE : 2022-07-21T07:00:00
SOURCE : reversinglabs.com

CVE:
cve-2022-30190

FILE_HASH_SHA1:

FILE_HASH_SHA256:

Domain:

Url: