PULSE NAME
Threat Intel Report - W19-2023
WHITE aa00643640@techmahindra.com 2023-05-08 Modified: 2023-05-08
581 IOCs (HIGH VOLUME)
This is a cyber-advisory document presenting compiled cyber threat intelligence sourced from various channels and tools. It provides weekly recommendations to all IT Administrators and CISOs to take corrective action and upgrade their security infrastructure against the threats and attacks newly identified this week. Security is a continuous process and has to be reviewed and audited continuously, through manual or automated tools. These details may be used as an additional layer to verify an organization's current security posture against the latest cyber trends.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES: Akira, Cactus, Kimsuky
Indicators of Compromise (111 / 581 total)