← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Marca newspaper attacked by ransomware
WHITE joserraUC3M 2023-08-17 Modified: 2023-08-17
33
IOCs
MEDIUM VOLUME
Marca newspaper attacked by some ransomware variant of wannacry
cryptcreatehashcrypthashdatacryptderivekeysysgetgh204503254tempcalgmd5cryptdecryptbinarydataformerfirstratpythonnfloghellobridgeplugx
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Sysget HelloBridge PlugX
Indicators of Compromise (33)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain hostname URL
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 01234567890123456789012345678901 2023-08-17
FileHash-MD5 07660815420f6d5b2dcc0f63434a6c60 2023-08-17
FileHash-MD5 4890c2d546fa48a536b75b48b17de023 2023-08-17
FileHash-MD5 70efdf2ec9b086079795c442636b55fb 2023-08-17
FileHash-MD5 aa8ac5ed26b9bf4f8d3bd1b2dcaa82f6 2023-08-17
FileHash-MD5 fc1a8359e0f4cb8d60920dc066b8b21c 2023-08-17
FileHash-SHA1 0716d9708d321ffb6a00818614779e779925365c SHA1 of 70efdf2ec9b086079795c442636b55fb 2023-08-17
FileHash-SHA256 4523540f1504cd17100c4835e85b7eefd49911580f8efff0599a8f283be6b9e3 SHA256 of 70efdf2ec9b086079795c442636b55fb 2023-08-17
domain biosnews.info 2023-08-17
FileHash-SHA256 227de988efdcf886bc0be7dc3df9f51a727664593de47352df31757853e42968 2023-08-17
FileHash-SHA256 35784ec1968d322092cb6826f7795f65eeb0b8365ac8c7d8756851c92acf31ae 2023-08-17
FileHash-SHA256 3ec926b822735fe21a4d832d048a259feb63087b0371d1b20c0caf6d662c7006 2023-08-17
FileHash-SHA256 d5c2deb79303c745b0f6fe729f94f0db12086ac0cf1fc2c8af862e1e0f748295 2023-08-17
FileHash-SHA256 ec94f18d6837006efe40b2e71a5e5a75473ab88e4822e0ed45ef381d18aff0fa 2023-08-17
hostname sinkhole-i.biosnews.info 2023-08-17
hostname sinkhole.biosnews.info 2023-08-17
URL http://biosnews.info/index.php 2023-08-17
URL http://biosnews.info/index.php?fn=s1&uid=1519d9c017730722836ed2183cb01af0 2023-08-17
URL http://biosnews.info/index.php?fn=s1&uid=2c889153432f2d1f6c1efe28b9041882 2023-08-17
URL http://biosnews.info/index.php?fn=s1&uid=35dd14a3e4953e3c3c76f80f7fe7888a 2023-08-17
URL http://biosnews.info/index.php?fn=s1&uid=3f14c7e8d2f06f051c49c6c8a77ea67f 2023-08-17
URL http://biosnews.info/index.php?fn=s1&uid=4d584352d1841c5a875df5c6e410aea7 2023-08-17
URL http://biosnews.info/index.php?fn=s1&uid=934f7b54ba1acb55749244ae14da01aa 2023-08-17
URL http://biosnews.info/index.php?fn=s4&name=4890c2d546fa48a536b75b48b17de023 2023-08-17
URL http://biosnews.info/index.php?fn=s4&name= 2023-08-17
URL http://biosnews.info/index.php?fn=s4&name=4890c2d546fa48a536b75b48b17de023 2023-08-17
URL http://sinkhole-loopback.biosnews.info 2023-08-17
URL http://sinkhole-loopback.biosnews.info/ 2023-08-17
URL http://sinkhole.biosnews.info/ 2023-08-17
URL http://www.biosnews.info/ 2023-08-17
URL https://biosnews.info/index.php 2023-08-17
URL https://www.biosnews.info/ 2023-08-17
domain mofamails.com 2023-08-17
References (1)
↗ https://sites.google.com/view/marcathreats/