IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Analysis of BlackGuard – A New Info Stealer Malware Being Sold In A Russian Hacking Forum

DATE : 2022-03-22T07:00:00
SOURCE : zscaler.com

FILE_HASH_SHA256:
4d66b5a09f4e500e7df0794552829c925a5728ad0acd9e68ec020e138abe80ac
c98e24c174130bba4836e08d24170866aa7128d62d3e2b25f3bc8562fdc74a66
7f2542ed2768a8bd5f6054eaf3c5f75cb4f77c0c8e887e58b613cb43d9dd9c13
f2d25cb96d3411e4696f8f5401cb8f1af0d83bf3c6b69f511f1a694b1a86b74d
bbc8ac47d3051fbab328d4a8a4c1c8819707ac045ab6ac94b1997dac59be2ece
f47db48129530cf19f3c42f0c9f38ce1915f403469483661999dc2b19e12650b
ead17dee70549740a4e649a647516c140d303f507e0c42ac4b6856e6a4ff9e14
1ee88a8f680ffd175943e465bf85e003e1ae7d90a0b677b785c7be8ded481392
71edf6e4460d3eaf5f385610004cfd68d1a08b753d3991c6a64ca61beb4c673a
e08d69b8256bcea27032d1faf574f47d5412b6da6565dbe52c968ccecea1cd5d

Domain:
ipwhois.app
win.mirtonewbacker.com
umpulumpu.ru
greenblguard.shop

Url:
http://ipwhois.app/xml