← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
[Security Notice] Well-known port forwarding tool rinetd was poisoned by high imitation
WHITE schrodinger 2022-03-10 Modified: 2022-03-10
40
IOCs
MEDIUM VOLUME
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (40)
All URL domain hostname FileHash-SHA256
TYPEINDICATORDESCRIPTIONCREATED
URL http://update.rinetd.com/update.php?t=xxxxxxx 2022-03-10
URL http://www.rinetd.com 2022-03-10
URL http://www.rinetd.com/ 2022-03-10
URL http://www.rinetd.com/xxxxxx.sh 2022-03-10
URL http://www.rinetd.com/xxxxxxx 2022-03-10
domain 2017fly.com 2022-03-10
domain 2018fly.com 2022-03-10
domain 2019fly.com 2022-03-10
domain 7mfsdfasdmkgmrk.com 2022-03-10
domain 8masaxsssaqrk.com 2022-03-10
domain 9fdmasaxsssaqrk.com 2022-03-10
domain dddgata789.com 2022-03-10
domain dnstells.com 2022-03-10
domain dsaj2a.com 2022-03-10
domain dsaj2a.org 2022-03-10
domain dsaj2a1.org 2022-03-10
domain efbthmoiuykmkjkjgt.com 2022-03-10
domain fly1989.com 2022-03-10
domain gggatat456.com 2022-03-10
domain gzcfr5axf6.com 2022-03-10
domain gzcfr5axf7.com 2022-03-10
domain hcxiaoao.com 2022-03-10
domain hostasa.org 2022-03-10
domain lpjulidny7.com 2022-03-10
domain navert0p.com 2022-03-10
domain navicatadvvr.com 2022-03-10
domain s9xk32a.com 2022-03-10
domain s9xk32b.com 2022-03-10
domain s9xk32c.com 2022-03-10
domain sb1024.net 2022-03-10
domain topbannersun.com 2022-03-10
domain wangzongfacai.com 2022-03-10
domain wowapplecar.com 2022-03-10
domain xxxatat456.com 2022-03-10
domain zxcvbmnnfjjfwq.com 2022-03-10
hostname aaa.dsaj2a.org 2022-03-10
hostname update.rinetd.com 2022-03-10
hostname www.rinetd.com 2022-03-10
hostname zxchk.xicp.net 2022-03-10
FileHash-SHA256 b66a52da68ed5ae84ebb13ad7f3b99b5a322315509c1769d6f9bed15a99bbb38 2022-03-10
References (1)
↗ https://security.tencent.com/index.php/blog/msg/173