Pulse Detail — Threat Intelligence

PULSE NAME

x4k.sh

WHITE dorkingbeauty1 2022-08-05 Modified: 2022-08-05

108

IOCs

HIGH VOLUME

↓ CSV ↓ JSON

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1012 T1027 T1057 T1082 T1497

Indicators of Compromise (39 / 108 total)

All FileHash-SHA256 hostname domain URL FileHash-MD5 FileHash-SHA1

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	https://www.crowdstrike.com/endpoint-security-products/falcon-sandbox-malware-analysis/	—	2022-08-05
URL	https://www.crowdstrike.com/endpoint-security-products/falcon-	—	2022-08-05
URL	https://www.crowdstrike.com/endpoint-security-	—	2022-08-05
URL	https://twitter.com/HybridAnalysis	—	2022-08-05
URL	http://fontello.com	—	2022-08-05
URL	http://e.value.runtime.name	—	2022-08-05
URL	http://java.runtime.name	—	2022-08-05
URL	https://e.value.runtime.name	—	2022-08-05
URL	https://java.runtime.name	—	2022-08-05
URL	http://eq.gopkg.in	—	2022-08-05
URL	http://gopkg.in/square/go-jose%2ev2.JSONWebSignature.computeAuthData	—	2022-08-05
URL	http://gopkg.in/square/go-jose%2ev2.ecEncrypterVerifier.verifyPayload	—	2022-08-05
URL	http://gopkg.in/square/go-jose%2ev2.edEncrypterVerifier.verifyPayload	—	2022-08-05
URL	http://gopkg.in/square/go-jose%2ev2.rawHeader.getSignatureAlgorithm	—	2022-08-05
URL	http://gopkg.in/square/go-jose%2ev2.rsaEncrypterVerifier.verifyPayload	—	2022-08-05
URL	http://gopkg.in/square/go-jose.v2/json.	—	2022-08-05
URL	http://p1.gopkg.in	—	2022-08-05
URL	http://p2.gopkg.in	—	2022-08-05
URL	http://p3.gopkg.in	—	2022-08-05
URL	http://staging.gopkg.in	—	2022-08-05
URL	https://eq.gopkg.in	—	2022-08-05
URL	https://gopkg.in/go	—	2022-08-05
URL	https://gopkg.in/neurosnap/sentences.v1	—	2022-08-05
URL	https://gopkg.in/warnings.v0	—	2022-08-05
URL	https://gopkg.in/yaml.v3	—	2022-08-05
URL	https://p1.gopkg.in	—	2022-08-05
URL	https://p2.gopkg.in	—	2022-08-05
URL	https://p3.gopkg.in	—	2022-08-05
URL	https://staging.gopkg.in	—	2022-08-05
URL	http://repo.x4k.dev/windows/	—	2022-08-05
URL	http://repo.x4k.dev/windows/kms.cmd	—	2022-08-05
URL	https://repo.x4k.dev/windows/pstrap.ps1	—	2022-08-05
URL	https://repo.x4k.dev/windows/windows.jpegidna	—	2022-08-05
URL	https://www.falcon-sandbox.com/sample/8ff79e8070b432354bad483ea5fcf95317e234053816f88b03b5d863be775e13?environmentId=100&lang=de	—	2022-08-05
URL	http://golang.org/x/oauth2	—	2022-08-05
URL	http://golang.org/x/net/bpf	—	2022-08-05
URL	http://gopkg.in/ini.v1	—	2022-08-05
URL	http://repo.x4k.dev/windows/frph.exe	—	2022-08-05
URL	https://www.falcon-sandbox.com/	—	2022-08-05

References (1)

↗ x4k dev second exe scan hybrid.pdf