IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching alone, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

8220 Mining Gang’s New Tool: k4spreader

DATE : 2024-07-02T07:00:00
SOURCE : qianxin.com

FILE_HASH_MD5:

FILE_HASH_SHA1:

FILE_HASH_SHA256:

Domain:

Url:
https://www.uptycs.com/blog/8220-gang-cryptomining-cloud-based-infrastructure-cyber-threat