IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by pattern matching alone, without analyzing the context of the surrounding text. Manual review and validation of the extracted IoCs are essential before any action is taken.

Black Basta Playbook Chat Leak

DATE : 2025-02-24T23:07:18
SOURCE : medium.com

CVE:
cve-2024-23897

Domain:

Url: