IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

SolarMarker campaign used novel registry changes to establish persistence

DATE : 2022-01-31T07:00:00
SOURCE : sophos.com
