IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

COBALT MIRAGE conducts ransomware operations in U.S.

DATE : 2022-04-11T07:00:00
SOURCE : secureworks.com

CVE:
cve-2018-13379
cve-2020-12812
cve-2019-5591
cve-2021-34473
cve-2021-34523
cve-2021-31207
cve-2021-44228
cve-2021-45046

FILE_HASH_MD5:
5f098b55f94f5a448ca28904a57c0e58
0f8b592126cc2be0e9967d21c40806bc
c8bd04b93ac9b95b712a84f119b31959
b90f05b5e705e0b0cb47f51b985f84db
c64f3293658ed3b3ba1f54c17fe37d18
8493325c9ff1a073d85b768703d594b4
b22b4531dce8a9cb16ecb9e4c17daea3

FILE_HASH_SHA1:
27102b416ef5df186bd8b35190c2a4cc4e2fbf37
3da45558d8098eb41ed7db5115af5a2c61c543af
1bf98c565cbfc4a500fab1d44b0f7c357d87abf6
5bd0690247dc1e446916800af169270f100d089b
5100230b454c33c05d1aef4235898543595ba378
39831dcae48c34dc61741b640f5bbdada97cf66e
7f310ac9423852b7a0af0c898c3404b3b47cbf53

FILE_HASH_SHA256:
668ec78916bab79e707dc99fdecfa10f3c87ee36d4dee6e3502d1f5663a428a0
724d54971c0bba8ff32aeb6044d3b3fd571b13a4c19cada015ea4bcab30cae26
24a73efb6dcc798f1b8a08ccf3fa2263ff61587210fdec1f2b7641f05550fe3b
28332bdbfaeb8333dad5ada3c10819a1a015db9106d5e8a74beaaf03797511aa
e6f4ce982908108759536f5aff21fa6686b8ea8153fdd4cdd087cceff5f1748a
927289ddccbb1de98fe3f8af627296d0d7e9833c8f59e5e423fe283b6792da89
9dce6086c61c23420ac497f306debf32731decc5527231002dbb69523fad3369

Domain:
newdesk.top
symantecserver.co
msupdate.us
winstore.us
gupdate.us
tcp443.org