IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

Confluence Exploit Leads to LockBit Ransomware

DATE : 2025-02-26T13:05:27
SOURCE : thedfirreport.com

CVE:
cve-2023-22527
cve-2017-0199
cve-2023-22515
cve-2023-22518

FILE_HASH_MD5:
438448FDC7521ED034F6DABDF814B6BA
D7ADDB5B6F55EAB1686410A17B3C867B
9D495530A421A7C7E113B7AFC3A50504
3BD63B2962D41D2E29E570238D28EC0E

FILE_HASH_SHA1:
F08E7343A94897ADEAE78138CC3F9142ED160A03
A54AF16B2702FE0E5C569F6D8F17574A9FDAF197
02D291E2FF5799A13EACC72AD0758F2C5E69D414
9537E1C4E5DDD7FB9B98C532CA89A9DB08262AB4

FILE_HASH_SHA256:
1E2E25A996F72089F12755F931E7FCA9B64DD85B03A56A9871FD6BB8F2CF1DBB
498BA0AFA5D3B390F852AF66BD6E763945BF9B6BFF2087015ED8612A18372155
594F2F8AB05F88F765D05EB1CF24E4C697746905A61ED04A6FC2B744DD6FEBB0
7AA8E510B9C3B5D39F84E4C2FA68C81DA888E091436FDB7FEE276EE7FF87F016

Domain:
download.anydesk.com
mega.io
fofa.info
mega.nz
sigmasearchengine.com

Url:
http://92.51.2.22:443/UsySLX1n.hta
http://download.anydesk.com/AnyDesk.msi