IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Ongoing Email Bombing Campaigns Leading to Remote Access and Data Exfiltration

DATE : 2025-02-01T19:45:07
SOURCE : esentire.com

Url:
https://news.sophos.com/en-us/2025/01/21/sophos-mdr-tracks-two-ransomware-campaigns-using-email-bombing-microsoft-teams-vishing