IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

#StopRansomware: Ghost (Cring) Ransomware

DATE : 2025-02-20T09:15:10
SOURCE : cisa.gov

CVE:
cve-2018-13379
cve-2010-2861
cve-2009-3960
cve-2019-0604
cve-2021-34473
cve-2021-34523
cve-2021-31207
cve-2020-1472
cve-2014-1812
cve-2017-0143
cve-2017-0144

FILE_HASH_MD5:
c5d712f82d5d37bb284acd4468ab3533
34b3009590ec2d361f07cac320671410
29e44e8994197bdb0c2be6fc5dfc15c2
ef6a213f59f3fbee2894bd6734bbaed2
d9c019182d88290e5489cdf3b607f982
c9e35b5c1dc8856da25965b385a26ec4
d1c5e7b8e937625891707f8b4b594314
ac58a214ce7deb3a578c10b97f93d9c3
c3b8f6d102393b4542e9f951c9435255
0a5c4ad3ec240fbfd00bdc1d36bd54eb
ff52fdf84448277b1bc121f592f753c5
a2fd181f57548c215ac6891d000ec6b9
625bd7275e1892eac50a22f8b4a6355d
db38ef2e3d4d8cb785df48f458b35090

Domain:
tutanota.com
stopransomware.gov
mega.nz
rejitto.com
skiff.com
mailfence.com
tuta.io
tutamail.com
onionmail.org
protonmail.com

Url:
http://xxx.xxx.xxx.xxx:80/Google.com