Pulse Detail — Threat Intelligence

PULSE NAME

Threat Intel Report - W11-2023

WHITE aa00643640@techmahindra.com 2023-03-13 Modified: 2023-04-12

426

IOCs

HIGH VOLUME

This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools. These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week. Security is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools. These details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.

Indicators of Compromise (142 / 426 total)

All hostname FileHash-MD5 FileHash-SHA1 FileHash-SHA256 CVE URL domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://0xy.link/yCp.exe	—	2023-03-13
URL	http://106.54.169.77/wp-content/yxQWf/	—	2023-03-13
URL	http://144.217.167.138/connect/index.php	—	2023-03-13
URL	http://1it.fit/site_vp/uv4LLIIDH/	—	2023-03-13
URL	http://2308.prvalps.net/Downloads/office.exe	—	2023-03-13
URL	http://793f9.tool.pearldentalgroup.ca/subscribeEvent	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/2201/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/2203/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/27/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/3002/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/3003/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/3004/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/3005/random.exe	—	2023-03-13
URL	http://a.dowgmua.com/gamexyz/35/random.exe	—	2023-03-13
URL	http://acfs-brisbane.org.au/ARCHIVE/dTVHslBcIgEB/	—	2023-03-13
URL	http://adobe-l.com/b326b5062b2f0e69046810717534cb90.php	—	2023-03-13
URL	http://ahinft.com/wp-admin/NQWo5B8ww21EBAW/	—	2023-03-13
URL	http://alfredreinigung.ch/connect/index.php	—	2023-03-13
URL	http://ali.faqun.cn/8uhjvgd/nhAOl4DRmdOKz/	—	2023-03-13
URL	http://ali.faqun.cn/8uhjvgd/nhAOl4DRmdOKz/?114352&c=1	—	2023-03-13
URL	http://baumart.lv/wp-admin/S8jHW33QU77gLz/	—	2023-03-13
URL	http://beyond.psiloveyou.co.za/dR05Bvq90dvlsVBzn/	—	2023-03-13
URL	http://binkd.world/gallery/photo_004.exe	—	2023-03-13
URL	http://blog.perio.com.tr/wp-admin/Boo3JTROHh7/	—	2023-03-13
URL	http://blog.perio.com.tr/wp-admin/Boo3JTROHh7/?114134&c=1	—	2023-03-13
URL	http://bonita.pro/services/6njgHqkwYuu/	—	2023-03-13
URL	http://dc437.4sync.com/download/zvtA7LCH/Installer__16_.msi	—	2023-03-13
URL	http://diasgallery.com/about/R/	—	2023-03-13
URL	http://do4aopt.com/email_layout/nFYBKBmLJQxGnQRuG4/	—	2023-03-13
URL	http://ebfertility.com/portline-containers.com/serv.exe	—	2023-03-13
URL	http://eco-fly.ru/news/u/	—	2023-03-13
URL	http://esentai-gourmet.kz/404/EDt0f/	—	2023-03-13
URL	http://from-free.click/files.zip	—	2023-03-13
URL	http://goldgames.vip/dwn/Ind%D0%B5sign_32%D1%8564bit.rar	—	2023-03-13
URL	http://guy-barn.cfd/file.zip	—	2023-03-13
URL	http://guy-buddy.xyz/file.zip	—	2023-03-13
URL	http://h167805.srv21.test-hf.su/80.exe	—	2023-03-13
URL	http://hold-easy.click/file.zip	—	2023-03-13
URL	http://houssagynecologue.com/assets/js/sqlcmd.exe	—	2023-03-13
URL	http://ht-dilemma.xyz/file.zip	—	2023-03-13
URL	http://ht-input.cfd/file.zip	—	2023-03-13
URL	http://ht-queen.cfd/file.zip	—	2023-03-13
URL	http://imax-mobile.be/serv.exe	—	2023-03-13
URL	http://inthbc.com/scarica/AgenziaEntrate.zip	—	2023-03-13
URL	http://inthbc.com/scarica/Direzione.zip	—	2023-03-13
URL	http://inthbc.com/scarica/azienda.zip	—	2023-03-13
URL	http://inthbc.com/scarica/cliente.zip	—	2023-03-13
URL	http://inthbc.com/scarica/contratto.zip	—	2023-03-13
URL	http://inthbc.com/scarica/impresa.zip	—	2023-03-13
URL	http://ji.jhia6gyygcc.com/m/ss25.exe	—	2023-03-13
URL	http://ji.jhia6gyygcc.com/m/ss27.exe	—	2023-03-13
URL	http://ji.jjhia6gy89ee.com/m/ss35.exe	—	2023-03-13
URL	http://ji.jjhia6gy89ee.com/m/ss37.exe	—	2023-03-13
URL	http://johnstewartstudies.org/clL1rQdzP1XCeJa5O3Z/	—	2023-03-13
URL	http://jopsdk.eu/gallery/photo_004.exe	—	2023-03-13
URL	http://jopsdk.eu/java/centos/33940/10032b.exe	—	2023-03-13
URL	http://kimikonadia.duckdns.org/lzba/Protected.exe	—	2023-03-13
URL	http://kroner.pro/wp-includes/wzYUuHY2h/	—	2023-03-13
URL	http://kuhn-sun.xyz/file.zip	—	2023-03-13
URL	http://ladejobi.com/Hasbro3311.exe	—	2023-03-13
URL	http://libnde.eu/gallery/photo_004.exe	—	2023-03-13
URL	http://lilib.world/gallery/photo_004.exe	—	2023-03-13
URL	http://lionpf.world/gallery/photo_004.exe	—	2023-03-13
URL	http://lionpf.world/java/centos/33940/10032b.exe	—	2023-03-13
URL	http://lisaerp.com/ncsA/g7zWosP/	—	2023-03-13
URL	http://llantasbenitez.com/connect/index.php	—	2023-03-13
URL	http://lutanedukasi.co.id/wp-includes/maxbndv4.4.1.exe	—	2023-03-13
URL	http://melkovsky.com/advice/ZRSaP7QA5yTv1fZs/	—	2023-03-13
URL	http://merfs.fun/gallery/photo_004.exe	—	2023-03-13
URL	http://merfs.fun/java/centos/33940/10032b.exe	—	2023-03-13
URL	http://mi-shop.fi/store/U3XHjnJfGV/	—	2023-03-13
URL	http://midcoastsupplies.com.au/configNQS/Es2oE4GEH7fbZ	—	2023-03-13
URL	http://midcoastsupplies.com.au/configNQS/Es2oE4GEH7fbZ/	—	2023-03-13
URL	http://midcoastsupplies.com.au/configNQS/mh7qtrxo/	—	2023-03-13
URL	http://midcoastsupplies.com.au/configNQS/rGgpv/	—	2023-03-13
URL	http://miyyf.world/gallery/photo_004.exe	—	2023-03-13
URL	http://miyyf.world/java/centos/33940/10032b.exe	—	2023-03-13
URL	http://mtp.evotek.vn/wp-content/L/	—	2023-03-13
URL	http://mugigr.eu/gallery/photo_003.exe	—	2023-03-13
URL	http://muifv.world/gallery/photo_004.exe	—	2023-03-13
URL	http://musivb.eu/gallery/photo_004.exe	—	2023-03-13
URL	http://new-high.click/file.zip	—	2023-03-13
URL	http://niancr.world/java/centos/33940/10032b.exe	—	2023-03-13
URL	http://nidndp.eu/gallery/photo_004.exe	—	2023-03-13
URL	http://ninff.world/gallery/photo_004.exe	—	2023-03-13
URL	http://pablobreijo.es/connect/index.php	—	2023-03-13
URL	http://phelieuthinhvuong.com/scarica/cliente.zip	—	2023-03-13
URL	http://phelieuthinhvuong.com/scarica/impresa.zip	—	2023-03-13
URL	http://pretorlex.com/scarica/AgenziaEntrate.zip	—	2023-03-13
URL	http://pretorlex.com/scarica/cliente.zip	—	2023-03-13
URL	http://pretorlex.com/scarica/impresa.zip	—	2023-03-13
URL	http://procraft.com/wp-content/R4Bkr8bQSo/	—	2023-03-13
URL	http://productdownload.online/scandocuments/docdav4564.exe	—	2023-03-13
URL	http://renacer.jgorange.com/connect/index.php	—	2023-03-13
URL	http://rodnye.by/forum/W17y2TUxK/	—	2023-03-13
URL	http://rollodoors.com/FwkrYHRQMYigbJIaxtQdb87.java	—	2023-03-13
URL	http://rref.su/uchastniki/aO44/	—	2023-03-13
URL	http://saoudflowers.com/connect/index.php	—	2023-03-13
URL	http://saoudflowers.com/mise/Documenti.zip	—	2023-03-13
URL	http://schaublorenz.su/auth/8B4JqBrKAGX/	—	2023-03-13
URL	http://segurda.top/dll/loader_p1_dll_64_n1_x64_inf.dll53.dll	—	2023-03-13
URL	http://segurda.top/gatef.php	—	2023-03-13
URL	http://stavros.dns-you.com/down/File_pass1234.zip	—	2023-03-13
URL	http://steadyshop.pro/css/JWOmj7qE45opQah/	—	2023-03-13
URL	http://sto55.com/about-company/ZkYjYMFGvJo/	—	2023-03-13
URL	http://studyrf.com/information/wrzZ/	—	2023-03-13
URL	http://suplv.fun/gallery/photo_003.exe	—	2023-03-13
URL	http://tatianka.com:443/pub/WJPrHm5OtTt/	—	2023-03-13
URL	http://tcbdining.com/scarica/AgenziaEntrate.zip	—	2023-03-13
URL	http://tcbdining.com/scarica/cliente.zip	—	2023-03-13
URL	http://tcbdining.com/scarica/impresa.zip	—	2023-03-13
URL	http://teammicrosoftindia.com/connect/index.php	—	2023-03-13
URL	http://tik-billion.click/files.zip	—	2023-03-13
URL	http://tornomoita.com/RoMunITrLKUraN4728294.exe	—	2023-03-13
URL	http://transtekhnika.by/karta-diagnosticheskih-stanciy/fmCjk/	—	2023-03-13
URL	http://trauko.org/download/File_pass1234.zip	—	2023-03-13
URL	http://trungtambaohanhmaylanh.com/connect/index.php	—	2023-03-13
URL	http://truongnoivu-phqn.edu.vn/media/hansborja2.1.exe	—	2023-03-13
URL	http://truongnoivu-phqn.edu.vn/media/jestido.exe	—	2023-03-13
URL	http://truongnoivu-phqn.edu.vn/media/ketitan2.1.exe	—	2023-03-13
URL	http://truongnoivu-phqn.edu.vn/media/mantebo3.1.exe	—	2023-03-13
URL	http://truongnoivu-phqn.edu.vn/media/metabolom4.1.exe	—	2023-03-13
URL	http://twizt.net/newtpp.exe	—	2023-03-13
URL	http://uaery.top/dl/build.exe	—	2023-03-13
URL	http://www.189dom.com/xue80/C0aJr5tfI5Pvi8m/	—	2023-03-13
URL	http://www.cpasdrole.com/handdiy_2.exe	—	2023-03-13
URL	http://www.dnautik.com/wp-includes/UmAJjAP/	—	2023-03-13
URL	http://www.dnautik.com/wp-includes/UmAJjAP/?090459&c=1	—	2023-03-13
URL	http://www.imagn.world/storage/dd_64.exe	—	2023-03-13
URL	http://www.imagn.world/storage/sqlcmd.exe	—	2023-03-13
URL	http://www.kakadu.by/news/7h1iV2qbu/	—	2023-03-13
URL	http://www.nprlogistica.com.br/wp-	—	2023-03-13
URL	http://www.nprlogistica.com.br/wp-content/down/File_pass1234.zip	—	2023-03-13
URL	http://www.snaptikt.com/wp-includes/aM4Cz6wp2K4sfQ/	—	2023-03-13
URL	http://www.spaziosei.it/connect/index.php	—	2023-03-13
URL	http://www.spaziosei.it/mise/Cliente.zip	—	2023-03-13
URL	http://www.spaziosei.it/mise/Contratto.zip	—	2023-03-13
URL	http://www.spaziosei.it/mise/Disposizioni.zip	—	2023-03-13
URL	http://www.spaziosei.it/mise/Gestione.zip	—	2023-03-13
URL	http://www.spaziosei.it/mise/Servizi.zip	—	2023-03-13
URL	http://www.tractorandinas.com/jscontents/kdnfkjs.sfx.exe	—	2023-03-13
URL	http://xinyuhuang.com/images/48onjwxGImMdiUx/	—	2023-03-13

References (3)

↗ https://www.spamcop.net/ ↗ https://www.cvedetails.com/vulnerability-list/year-2019/vulnerabilities.html ↗ https://www.silobreaker.com/category/threat-reports/