IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

PlugX: A Talisman to Behold

DATE : 2022-03-22T07:00:00
SOURCE : trellix.com

FILE_HASH_MD5:
8e886df3cb6160188f9748f14f249063
b4f12a7be68d71f9645b789ccdc20561
60cb70545fbe3c96a0f82eeb54940553
c6c6162cca729c4da879879b126d27c0

FILE_HASH_SHA1:
dc40970a3c8f03866e0b700460d3b1f7afa6a433
ef3e558ecb313a74eeafca3f99b7d4e038e11516
2294ecbbb065c517bd0e01f3f01aabd0a0402f5a
80e5fd86127de526be75ef42ebc390fb0d559791

FILE_HASH_SHA256:
c09ff32519f112674bd5f4b1687feadf18844c5423e6f28df8be50eb9503e606
1c0cf69bce6fb6ec59be3044d35d3a130acddbbf9288d7bc58b7bb87c0a4fb97
6dc98a3c771f9f20d099e2d64995564dd083be9ac6ed9586a6e57c20ebd4176c
344fc6c3211e169593ab1345a5cfa9bcb46a4604fe61ab212c9316c0d72b0865
fdada5ba799bd9f5270b218cfad543d99fde3eb7898fd9e3ee79603b643b3c48
e71d355dec64cbf8f02a754bf0585437ce48f7b68108cb642fb202393cd1ef90
0a00204517283c9a8d1e2d1a8743249c14de0edcec4a8292500083437735663c
45c944889a482ae2e0e0a8e260c3be737cb612c8804164badef61e8a8713b92f
f6b939dcc97c1c43f1c616174f936b6ef19c5ccc872a1a0ef14f2989cf11b02b
ad48650c6ab73e2f94b706e28a1b17b2ff1af1864380edc79642df3a47e579bb
6cd5079a69d9a68029e37f2680f44b7ba71c2b1eecf4894c2a8b293d5f768f10
0468005682c814e7a5f07f3554e9fadbb2d2ba7527dcaee9a1a456f244c49ddb
a072133a68891a37076cd1eaf1abb1b0bf9443488d4c6b9530e490f246008dba
37b3fb9aa12277f355bbb334c82b41e4155836cf3a1b83e543ce53da9d429e2f
fe18adaec076ffce63da6a2a024ce99b8a55bc40a1f06ed556e0997ba6b6d716
3c5d08f20a7bd04b1e6866344af59bec2152ec3542f2eae0c7925555e670676e
f44ede464f752ea3aa3595f8137945a4dee7298c8155c39f366aad05b125ac8b
3f6102bd9add588b4df9b1523e40bb124af36a729037b8c3f2261563e4fa4be9
785ac72b10fd9cf98b5e2a40dc607e1ff735fcd8192bf71747755c963c764e2d

Domain:
freewula.strangled.net
dhsg123.jkub.com
final.staticd.dynamic-dns.net
szuunet.strangled.net
oprblemoyo.kozow.com
asd.powergame.0077.x24hr.com
w.asd3.as.amazon-corp.wikaba.com
randomanalyze.freetcp.com
darkpapa.chickenkiller.com
miche.justdied.com