IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

The BlueNoroff cryptocurrency hunt is still on

DATE : 2022-01-05T07:00:00
SOURCE : securelist.com

CVE:
cve-2017-0199

FILE_HASH_MD5:
e26725f34ebcc7fa9976dd07bfbbfba3
73572519159b0c27a18dbbaf25ef1cc0
f194e074e7d73c544eebb70e2e2785a1

Domain:
sharedocs.xyz
sendgrid.net
dcg.co
domainsabiesvc.comabiesvc.infoabiesvc.jp.netatom.publicvm.comatt.gdrvupload.xyzauthenticate.azure-drive.comazureprotect.xyzbackup.163qiye.topbeenos.bizbhomes.ccbitcoinnews.mefound.combitflyer.teamblog.cloudsecure.spacebuidihub.comchemistryworld.uscirclecapital.usclient.googleapis.onlinecloud.azure-service.comcloud.globalbrains.cocloud.jumpshare.vipcloud.venturelabo.cocloudshare.jumpshare.vipcoin-squad.cocoinbig.devcoinbigex.comdeepmind.funddekryptcap.digitaldllhost.xyz
8080163.25.24.4445.238.25.2devstar.dnsrd.comfxbet.linkpc.netlservs.linkpc.netmmsreceive.linkpc.netmmsreceive.linkpc.netmsservices.hxxps443.orgonlineshoping.publicvm.compalconshop.linkpc.netpokersonic.publicvm.compress.linkpc.netrubbishshop.linkpc.netrubbishshop.publicvm.comsocins.publicvm.comvpsfree.linkpc.net
cdn.discordapp.com

Url:
https://sharedocs.xyz/jyrhl4jowfp/eyi8t5sjli/qzrk8blr_q/rnyyuekwun/yzm1ncj8yb/a3q==