IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Qbot and Zerologon Lead To Full Domain Compromise

DATE : 2022-02-09T07:00:00
SOURCE : thedfirreport.com

CVE:
cve-2020-1472

FILE_HASH_MD5:
c35a61411ee5bdf666b4d64b05c29e64
7c02dbae662670040c7af9bd15fb7e2f
0eecb7b1551fba4ec03851810d31743f
ae4edc6faf64d08308082ad26be60767
30cc71d5b5d7778774c54486558690d3
c1fd49c043894c1dff8bc02b17f8942c
53510e20efb161d5b71c4ce2800c1a8d
312e52b4109741893f17bc524084100f
59E7F22D2C290336826700F05531BD30
aa8a9db10fba890f8ef9edac427eab82

FILE_HASH_SHA1:
5f36c6cffdbae0d631c8889b4d9bad1248f899b3
e915f74be310b1687db6b290af2f78583a981512
2268178851d0d0debb9ab457d73af8a5e50af168
7ca650945223eab088f43fd472e3592be2ed9d32
3B2A0D2CB8993764A042E8E6A89CBBF8A29D47D1

FILE_HASH_SHA256:
dec25fc2fe7e76fe191fbfdf48588c4325f52bfe2769fbc88a5614541c1075eb
a992d57b2f6164e599952ea3c245962824ad17166684ed45e987efe80ebe611f
e2bc969424adc97345ac81194d316f58da38621aad3ca7ae27e40a8fae582987
4d3b10b338912e7e1cbade226a1e344b2b4aebc1aa2297ce495e27b2b0b5c92b

Domain:
hkcusoftwaremicrosoftyerqbqokc.in
avlhestito.us
xrhm.info
dxabt.com
ns1.dxabt.com
ns2.dxabt.com
ns3.dxabt.com
ns4.dxabt.com