IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching alone, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Detecting EnemyBot – Securonix Initial Coverage Advisory

DATE : 2022-03-07T07:00:00
SOURCE : securonix.com

FILE_HASH_SHA1:
0Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

FILE_HASH_SHA256:

Url:
http://198.12.116.254/update.sh
http://198.12.116.254/folder/enemybotx86