Pulse Detail — Threat Intelligence

PULSE NAME

Threat Intel Report - W1-2023.pdf

WHITE aa00643640@techmahindra.com 2023-01-02 Modified: 2023-02-01

235

IOCs

HIGH VOLUME

This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools. These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week. Security is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools. These details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.

Indicators of Compromise (235)

All domain FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
domain	abibiall.com	—	2023-01-02
domain	fresherlights.com	—	2023-01-02
domain	uaery.top	—	2023-01-02
domain	winnlinne.com	—	2023-01-02
FileHash-MD5	114738737463a73a549ac1221afd045c	MD5 of 32551f9124a359edf3435979372676a4c5bbaeb0423cc3ec53d382abb39d850f	2023-01-02
FileHash-MD5	1fb1586597ce458ca5545397c73fa08d	MD5 of 000963464f2db00a7d8750c8b9115ae1a4a0b460ab6ac63b7e6452127a1c869e	2023-01-02
FileHash-MD5	2f3257328f785453b6e8ae95dfe5b076	MD5 of 0623234f076aa9621b2552ee65eb98eb234bc50ecbd6b05124a76b0cd2b7b299	2023-01-02
FileHash-MD5	5e445faf7b08cf2ffcac7b38c5d70d5d	MD5 of 4414a9ba25d52ac38509ccf072d32e4f938990e3b02ca3c2d11fbd5cba433ab4	2023-01-02
FileHash-MD5	5f2e9cf31a58bf42d6059f472649ef2f	MD5 of a14600c06ba898ae24152bfdc01c6c514007dec5d81d95161f5fdb3e6399adc0	2023-01-02
FileHash-MD5	70488131ff53f7f73f351f27f86a10ce	MD5 of 308f16cf7000655a28f21e6d159ac68740d6c8437b2a83baaa563912a2bf7a19	2023-01-02
FileHash-MD5	899c63ad442ad628054c96ec16c6049f	MD5 of 591c4b18225fb41ce754ffc0bb30d7cda046f768469470da4757c04613ec00ed	2023-01-02
FileHash-MD5	dff1d2c92492fbe3f8dbc61b98b3898c	MD5 of 4790844cc86c5ad52bf2aa1bce681cf2c3e413ca2ed96bf65a03b7107206dab5	2023-01-02
FileHash-SHA1	00c13aaf0a234930e7e463e6f43f48829285bb6d	SHA1 of 4790844cc86c5ad52bf2aa1bce681cf2c3e413ca2ed96bf65a03b7107206dab5	2023-01-02
FileHash-SHA1	0e382edee1c75a191b17e22d0cbd8e0a5a1c5313	SHA1 of a14600c06ba898ae24152bfdc01c6c514007dec5d81d95161f5fdb3e6399adc0	2023-01-02
FileHash-SHA1	3fd0db010ac77b98959bb7b7d499558a5ba4cdc6	SHA1 of 0623234f076aa9621b2552ee65eb98eb234bc50ecbd6b05124a76b0cd2b7b299	2023-01-02
FileHash-SHA1	5167c7e242b76f4338f35fbf2b7352d278f65148	SHA1 of 591c4b18225fb41ce754ffc0bb30d7cda046f768469470da4757c04613ec00ed	2023-01-02
FileHash-SHA1	70feebd89e898537d4ccfe2522e29af1568d4e68	SHA1 of 32551f9124a359edf3435979372676a4c5bbaeb0423cc3ec53d382abb39d850f	2023-01-02
FileHash-SHA1	82292c62f7ea39ce66e3a8d40a2be37b58975ec5	SHA1 of 000963464f2db00a7d8750c8b9115ae1a4a0b460ab6ac63b7e6452127a1c869e	2023-01-02
FileHash-SHA1	877098531fb4049581a7c81353fc3c7d7dd2083a	SHA1 of 4414a9ba25d52ac38509ccf072d32e4f938990e3b02ca3c2d11fbd5cba433ab4	2023-01-02
FileHash-SHA1	fce5bc2ff5d38c068de759868a6ddfb023cb3ca8	SHA1 of 308f16cf7000655a28f21e6d159ac68740d6c8437b2a83baaa563912a2bf7a19	2023-01-02
FileHash-SHA256	000963464f2db00a7d8750c8b9115ae1a4a0b460ab6ac63b7e6452127a1c869e	—	2023-01-02
FileHash-SHA256	018a65e059d418802b351b4611fe09093e5b50562143ce5a522c28ef0f0bcf10	—	2023-01-02
FileHash-SHA256	0623234f076aa9621b2552ee65eb98eb234bc50ecbd6b05124a76b0cd2b7b299	—	2023-01-02
FileHash-SHA256	16b3d918a15d582ad3ce341eebd932c09c71b6c63bf8107ef816e9b97d317e98	—	2023-01-02
FileHash-SHA256	308f16cf7000655a28f21e6d159ac68740d6c8437b2a83baaa563912a2bf7a19	—	2023-01-02
FileHash-SHA256	32551f9124a359edf3435979372676a4c5bbaeb0423cc3ec53d382abb39d850f	—	2023-01-02
FileHash-SHA256	4414a9ba25d52ac38509ccf072d32e4f938990e3b02ca3c2d11fbd5cba433ab4	—	2023-01-02
FileHash-SHA256	4790844cc86c5ad52bf2aa1bce681cf2c3e413ca2ed96bf65a03b7107206dab5	—	2023-01-02
FileHash-SHA256	51c7f3e3637dfe07b6b51c46947926a2b6b44dcc81c7d6f783c94b49f2b12113	—	2023-01-02
FileHash-SHA256	591c4b18225fb41ce754ffc0bb30d7cda046f768469470da4757c04613ec00ed	—	2023-01-02
FileHash-SHA256	8161be894546ad69d7cbb9232d7527acd8684f3ee143603ddc28e2828479bbd0	—	2023-01-02
FileHash-SHA256	a14600c06ba898ae24152bfdc01c6c514007dec5d81d95161f5fdb3e6399adc0	—	2023-01-02
FileHash-SHA256	cae10648d15513f0e1e0607bb295ecd02c60a90c381508c50a40204c20abd33a	—	2023-01-02
URL	http://102.33.38.207:58130/mozi.m	—	2023-01-02
URL	http://103.24.110.223:54687/bin.sh	—	2023-01-02
URL	http://106.35.58.43:45695/Mozi.a	—	2023-01-02
URL	http://112.239.100.141:42066/i	—	2023-01-02
URL	http://112.248.112.27:48825/bin.sh	—	2023-01-02
URL	http://112.248.152.255:57033/Mozi.m	—	2023-01-02
URL	http://113.203.194.197:57582/Mozi.m	—	2023-01-02
URL	http://113.240.136.178:33247/Mozi.m	—	2023-01-02
URL	http://115.221.12.244:57163/bin.sh	—	2023-01-02
URL	http://115.221.12.244:57163/i	—	2023-01-02
URL	http://115.48.133.181:34637/Mozi.m	—	2023-01-02
URL	http://115.55.130.209:44070/Mozi.m	—	2023-01-02
URL	http://115.61.103.131:57836/i	—	2023-01-02
URL	http://115.61.185.107:49314/Mozi.m	—	2023-01-02
URL	http://116.179.139.183:48202/bin.sh	—	2023-01-02
URL	http://117.195.100.10:35967/mozi.a	—	2023-01-02
URL	http://117.195.96.242:47748/Mozi.m	—	2023-01-02
URL	http://117.196.28.126:59279/Mozi.m	—	2023-01-02
URL	http://117.204.69.158:34492/bin.sh	—	2023-01-02
URL	http://117.208.234.148:59631/Mozi.m	—	2023-01-02
URL	http://117.208.234.217:33616/Mozi.m	—	2023-01-02
URL	http://117.212.165.148:34366/Mozi.m	—	2023-01-02
URL	http://117.214.222.110:52983/Mozi.m	—	2023-01-02
URL	http://117.216.30.12:36654/bin.sh	—	2023-01-02
URL	http://117.216.4.2:58185/Mozi.m	—	2023-01-02
URL	http://117.217.157.31:39394/i	—	2023-01-02
URL	http://117.223.83.37:50044/bin.sh	—	2023-01-02
URL	http://117.223.83.37:50044/i	—	2023-01-02
URL	http://117.223.84.212:58703/Mozi.m	—	2023-01-02
URL	http://117.243.249.70:37399/Mozi.m	—	2023-01-02
URL	http://117.252.211.120:57667/Mozi.m	—	2023-01-02
URL	http://117.253.151.201:50021/Mozi.m	—	2023-01-02
URL	http://117.253.155.69:38498/Mozi.m	—	2023-01-02
URL	http://118.174.109.35:58957/Mozi.m	—	2023-01-02
URL	http://119.123.221.242:51411/Mozi.m	—	2023-01-02
URL	http://119.165.215.20:35994/Mozi.m	—	2023-01-02
URL	http://120.87.32.249:32927/Mozi.m	—	2023-01-02
URL	http://120.87.62.169:51852/Mozi.m	—	2023-01-02
URL	http://121.227.124.206:39136/Mozi.m	—	2023-01-02
URL	http://123.10.131.226:39247/Mozi.m	—	2023-01-02
URL	http://123.10.22.40:38904/Mozi.m	—	2023-01-02
URL	http://123.132.3.138:53912/Mozi.m	—	2023-01-02
URL	http://123.5.139.252:59044/i	—	2023-01-02
URL	http://124.89.9.39:47310/Mozi.a	—	2023-01-02
URL	http://125.106.31.80:57957/Mozi.a	—	2023-01-02
URL	http://125.106.31.80:57957/bin.sh	—	2023-01-02
URL	http://125.106.31.80:57957/i	—	2023-01-02
URL	http://125.41.10.158:57986/Mozi.m	—	2023-01-02
URL	http://125.42.150.93:38121/Mozi.m	—	2023-01-02
URL	http://125.44.11.212:49042/Mozi.m	—	2023-01-02
URL	http://125.47.234.43:41213/i	—	2023-01-02
URL	http://157.122.109.42:46458/Mozi.m	—	2023-01-02
URL	http://163.179.163.197:56074/Mozi.m	—	2023-01-02
URL	http://176.104.4.18:54451/bin.sh	—	2023-01-02
URL	http://176.104.4.18:54451/i	—	2023-01-02
URL	http://178.228.113.196:50272/Mozi.a	—	2023-01-02
URL	http://182.112.29.237:36779/Mozi.m	—	2023-01-02
URL	http://182.116.87.153:52994/Mozi.m	—	2023-01-02
URL	http://182.117.47.247:58567/bin.sh	—	2023-01-02
URL	http://182.117.47.247:58567/i	—	2023-01-02
URL	http://182.120.61.29:55273/bin.sh	—	2023-01-02
URL	http://182.121.12.216:46907/Mozi.m	—	2023-01-02
URL	http://182.121.14.68:51819/mozi.m	—	2023-01-02
URL	http://182.121.218.242:47710/bin.sh	—	2023-01-02
URL	http://182.121.218.242:47710/i	—	2023-01-02
URL	http://182.121.244.46:54523/i	—	2023-01-02
URL	http://182.122.252.95:59542/Mozi.m	—	2023-01-02
URL	http://182.123.208.90:35924/Mozi.m	—	2023-01-02
URL	http://182.126.121.30:42904/Mozi.m	—	2023-01-02
URL	http://182.253.182.67:46398/bin.sh	—	2023-01-02
URL	http://203.134.204.3:57008/Mozi.a	—	2023-01-02
URL	http://219.155.192.5:56588/Mozi.m	—	2023-01-02
URL	http://221.14.184.91:41836/bin.sh	—	2023-01-02
URL	http://221.15.129.232:45943/Mozi.m	—	2023-01-02
URL	http://222.137.237.236:58003/Mozi.m	—	2023-01-02
URL	http://222.188.140.185:41738/Mozi.m	—	2023-01-02
URL	http://27.210.234.212:52724/Mozi.m	—	2023-01-02
URL	http://27.43.101.218:57123/Mozi.m	—	2023-01-02
URL	http://27.43.117.92:34664/Mozi.m	—	2023-01-02
URL	http://27.45.36.127:48560/Mozi.a	—	2023-01-02
URL	http://27.45.57.117:41958/Mozi.a	—	2023-01-02
URL	http://27.6.193.190:58632/Mozi.m	—	2023-01-02
URL	http://39.81.170.190:42353/Mozi.m	—	2023-01-02
URL	http://42.231.215.189:42989/i	—	2023-01-02
URL	http://42.233.111.31:36518/i	—	2023-01-02
URL	http://42.234.141.208:47253/Mozi.m	—	2023-01-02
URL	http://58.252.181.66:36969/Mozi.m	—	2023-01-02
URL	http://58.253.7.93:41776/Mozi.m	—	2023-01-02
URL	http://58.255.211.38:55616/Mozi.a	—	2023-01-02
URL	http://59.58.108.17:36214/bin.sh	—	2023-01-02
URL	http://59.58.108.17:36214/i	—	2023-01-02
URL	http://59.92.160.170:44896/i	—	2023-01-02
URL	http://59.92.167.177:45327/Mozi.m	—	2023-01-02
URL	http://59.92.41.63:44256/Mozi.m	—	2023-01-02
URL	http://59.93.26.126:58737/bin.sh	—	2023-01-02
URL	http://59.99.134.201:59302/Mozi.m	—	2023-01-02
URL	http://59.99.143.205:58165/i	—	2023-01-02
URL	http://61.52.26.169:55116/i	—	2023-01-02
URL	http://61.53.237.113:34950/Mozi.m	—	2023-01-02
URL	http://80.200.36.50:34220/Mozi.m	—	2023-01-02
URL	http://jevereg.amnpardaz.com/	—	2023-01-02
domain	astdg.top	—	2023-01-02
domain	awaisghauri.com	—	2023-01-02
domain	dowe.at	—	2023-01-02
domain	erit.top	—	2023-01-02
domain	ex3mall.com	—	2023-01-02
domain	frederikkempe.com	—	2023-01-02
domain	fuyt.org	—	2023-01-02
domain	gayworld.at	—	2023-01-02
domain	goldmonexx.com	—	2023-01-02
domain	grabberz.com	—	2023-01-02
domain	hermonex.com	—	2023-01-02
domain	holdingmonex.com	—	2023-01-02
domain	host-file-host6.com	—	2023-01-02
domain	kotob.top	—	2023-01-02
domain	loes.com	—	2023-01-02
domain	majul.com	—	2023-01-02
domain	makingmillionaires.net	—	2023-01-02
domain	mon-ex.com	—	2023-01-02
domain	monetglobal.com	—	2023-01-02
domain	moneusa.com	—	2023-01-02
domain	monexcapital.com	—	2023-01-02
domain	monexer.com	—	2023-01-02
domain	monexfor.com	—	2023-01-02
domain	monexx.com	—	2023-01-02
domain	monmex.com	—	2023-01-02
domain	monoeurope.com	—	2023-01-02
domain	mxtrade.com	—	2023-01-02
domain	myclick-2.com	—	2023-01-02
domain	myplaywin3.com	—	2023-01-02
domain	pankiss.ru	—	2023-01-02
domain	potunulit.org	—	2023-01-02
domain	securebiz.org	—	2023-01-02
domain	tbpws.top	—	2023-01-02
domain	tlesporato.cf	—	2023-01-02
domain	tunulit.org	—	2023-01-02
domain	tzgl.org	—	2023-01-02
domain	vatra.at	—	2023-01-02
domain	vmonex.com	—	2023-01-02
domain	wrrst.top	—	2023-01-02
domain	xaker.name	—	2023-01-02
domain	xisac.com	—	2023-01-02
domain	zerit.top	—	2023-01-02
hostname	24709.portmap.io	—	2023-01-02
hostname	29206.portmap.io	—	2023-01-02
hostname	30957.portmap.host	—	2023-01-02
hostname	31431.portmap.host	—	2023-01-02
hostname	36317.portmap.io	—	2023-01-02
hostname	39173.portmap.host	—	2023-01-02
hostname	4-49629.portmap.host	—	2023-01-02
hostname	41073.portmap.io	—	2023-01-02
hostname	41825.portmap.io	—	2023-01-02
hostname	45008.portmap.io	—	2023-01-02
hostname	45800.portmap.io	—	2023-01-02
hostname	46374.portmap.host	—	2023-01-02
hostname	46409.portmap.io	—	2023-01-02
hostname	48085.portmap.host	—	2023-01-02
hostname	50729.portmap.io	—	2023-01-02
hostname	53190.portmap.io	—	2023-01-02
hostname	53370.portmap.io	—	2023-01-02
hostname	54588.portmap.host	—	2023-01-02
hostname	60804.portmap.host	—	2023-01-02
hostname	64200.portmap.host	—	2023-01-02
hostname	65001.portmap.io	—	2023-01-02
hostname	adam98-31431.portmap.host	—	2023-01-02
hostname	adeladly540-50729.portmap.io	—	2023-01-02
hostname	andreithekoala-46374.portmap.host	—	2023-01-02
hostname	cyberboihaha-64200.portmap.host	—	2023-01-02
hostname	easychat-46409.portmap.io	—	2023-01-02
hostname	fdgdf-40026.portmap.io	—	2023-01-02
hostname	fenix1337-60804.portmap.host	—	2023-01-02
hostname	flingmodder-53370.portmap.io	—	2023-01-02
hostname	gangzesty-24709.portmap.io	—	2023-01-02
hostname	hulky-41073.portmap.io	—	2023-01-02
hostname	incognitoslayer-45800.portmap.io	—	2023-01-02
hostname	instance21842.waicore.network	—	2023-01-02
hostname	jevereg.amnpardaz.com	—	2023-01-02
hostname	kirill333-20714.portmap.io	—	2023-01-02
hostname	kirill98798798-54588.portmap.host	—	2023-01-02
hostname	kosovocool-45008.portmap.io	—	2023-01-02
hostname	loshok228-39173.portmap.host	—	2023-01-02
hostname	luckykazya-29206.portmap.io	—	2023-01-02
hostname	mail.guretruck.com	—	2023-01-02
hostname	mail.kemenanganjaya.co.id	—	2023-01-02
hostname	mail.tst.co.th	—	2023-01-02
hostname	makapph3-30957.portmap.host	—	2023-01-02
hostname	maksim160910-36317.portmap.io	—	2023-01-02
hostname	ozot-26657.portmap.host	—	2023-01-02
hostname	primordialez-65001.portmap.io	—	2023-01-02
hostname	pxmx01.wontech.de	—	2023-01-02
hostname	raxetag791-41825.portmap.io	—	2023-01-02
hostname	rd-35830.portmap.io	—	2023-01-02
hostname	rust.compute-pipe.com	—	2023-01-02
hostname	s1.krayons.biz	—	2023-01-02
hostname	searchkn1.sima-land.ru	—	2023-01-02
hostname	serverless-benchmarks-rust.compute-pipe.com	—	2023-01-02
hostname	skyy-43981.portmap.host	—	2023-01-02
hostname	static.esplay.io	—	2023-01-02
hostname	techbee20-53190.portmap.io	—	2023-01-02
hostname	voordiegass-48085.portmap.host	—	2023-01-02
hostname	www.contohsurat.my.id	—	2023-01-02
hostname	www.xmlformats.com	—	2023-01-02

References (3)

↗ https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_ Real-time ↗ https://www.dnsbl.info/ ↗ https://www.spamhaus.org/xbl/