IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Cobalt Strike and a Pair of SOCKS Lead to LockBit Ransomware

DATE : 2025-01-27T11:00:46
SOURCE : thedfirreport.com

FILE_HASH_MD5:
a0e9f5d64349fb13191bc781f81f42e1
8ed408107f89c53261bf74e58517bc76
303951d4c50efb2e991652225a6f02b1
6505b488d0c7f3eaee66e3db103d7b05
671b967eb2bc04a0cd892ca225eb5034
03af38505cee81b9d6ecd8c1fd896e0e
0f7b6bb3a239cf7a668a8625e6332639
ea327ed0a3243847f7cd87661e22e1de
57f791f7477b1f7a1b3605465d054db8
6e91c474d90546845b1f3f9e7a33411a
0aa05ebc3b6667954898cfccc4057600
2800a10c4afae44978d906b2abaed745
d9adb3dd6df169e824b2867a2b8cba89
71c8c1a0056fd084bc32a03d9245ad10
573a213191985c555dd7e8de5f0a9cae
4457256150386acec794e9e8ee412691
6d44c5fb49258f285769e50830fc59af
40852fde665eb9119fcc565bd68de680
996ad32c7ae2190b7fa7876df0d7b717
90f9044cfee2c678fe51abd098bdfe97
b254f8f03e61bd9469df66c189d79871
4794accd22271a28547fb3613ee79218

FILE_HASH_SHA1:
bf2b396b8fb0b1de27678aab877b6f177546d1c5
ab1777107d9996e647d43d1194922b810f198514
1ac66fcc34c0b86def886e4e168030dae096927c
5263a135f09185aa44f6b73d2f8160f56779706d
450d54d5737164579416ca99af1eb3fa1d4aaff9
bba1bc3ebf07ca3c4e2442f0ba9ea18383ce627b
9352236ad6fe8835979cf11ba5033f8f2fef0f19
c59cbd309b3393cb08a1133364ed11000fdd418d
84019de427aef1f1e4f32b579767bee6d0bd1e64
b077ea03b207cc8b8b48b9b4f9a58dabbd39f678
5de1f72ffeea1ecbd287b0ca8ddb2c5264d9acb5
aa19a1648d680c3bfbee7dcc3df41ce98af8e121
c6d54322a17e754150e61f7caa91226a84b0b774
da6771fbbcfaf195b80925cefc880794d62d61bf
956e020206c4dc4240537d07be022e86ed918ed1
4a1e667e0c3550f4446903570adbe7776699d4ca
e3619582f4d81ca180dee161bbe49d499b237119
45337ae989cd62d07059f867ce62ff6b6fc90819
ccc6b5bf9591fa9a3d57fd48ee0c9c49a6d22da9

FILE_HASH_SHA256:
2389b3978887ec1094b26b35e21e9c77826d91f7fa25b2a1cb5ad836ba2d7ec4
44cf04192384e920215f0e335561076050129ad7a43b58b1319fa1f950f6a7b6
ced4ee8a9814c243f0c157cda900def172b95bb4bc8535e480fe432ab84b9175
b4ad5df385ee964fe9a800f2cdaa03626c8e8811ddb171f8e821876373335e63
b79bb3302691936df7c3315ff3ba7027f722fc43d366ba354ac9c3dac2e01d03
18051333e658c4816ff3576a2e9d97fe2a1196ac0ea5ed9ba386c46defafdb88
d8b2d883d3b376833fa8e2093e82d0a118ba13b01a2054f8447f57d9fec67030
3f97e112f0c5ddf0255ef461746a223208dc0846bde2a6dca9c825d9c706a4e9
c1173628f18f7430d792bbbefc6878bced4539c8080d518555d08683a3f1a835
7673a949181e33ff8ed77d992a2826c25b8da333f9e03213ae3a72bb4e9a705d
59c9d10f06f8cb2049df39fb4870a81999fd3f8a79717df9b309fadeb5f26ef9
ba9b879fdc304bd7f5554528fb8e858ef36ad4657fedfefb8495f43ce73fc6f1
10ce939e4ee8b5285d84c7d694481ebbdf986904938d07f7576d733e830ed012
3af3f2d08aa598ab4f448af1b01a5ad6c0f8e8982488ebf4e7ae7b166e027a8b
578a2ac45e40a686a5f625bbc7873becd8eb9fe58ea07b1d318b93ee0d127d4e
791157675ad77b0ae9feabd76f4b73754a7537b7a9a2cc74bd0924d65be680e1
c4863cc28e01713e6a857b940873b0e5caedfd1fcb9b2a8d07ffb4c0c48379d5
9bcaad9184b182965923a141f52fb75ddd1975b99ab080869896cee5879ecfad
53828f56c6894a468a091c8858d2e29144b68d5de8ff1d69a567e97aac996026

Domain:
accessservicesonline.com
mega.io
mega.io
compdatasystems.com
user.compdatasystems.com
retailadvertisingservices.com
sigmasearchengine.com