Pulse Detail — Threat Intelligence

PULSE NAME

IOC's from my personal devices for the week starting 08/28/23 - leveraging Yara, overwhelmed

WHITE N/A Merkd1904 2023-08-29 Modified: 2024-02-10

442

IOCs

HIGH VOLUME

placeholder At current I have well over 2000 detentions just on this one device - I'm working on getting everything presentable.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1027 T1071 T1106 T1140 T1573 T1040 T1111

MALWARE FAMILIES

SpyEye Trojan:Linux/Rootkit Poet RAT Cobalt Strike TrojanDropper:Win32/Ponmocup Shylock Virus:Win95/Cerebrus TrojanSpy:Win32/Warpp IronTiger wimmie lsadump SURTR

Indicators of Compromise (79 / 442 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname email SSLCertFingerprint

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	f87298bc8dd1c6658bb19b3e296b067f	—	2023-08-29
FileHash-MD5	35d9c85a38500c4202f988edebe74d68	MD5 of 98a59619990689540fda54daf8c44df6b8612a98	2023-08-29
FileHash-MD5	7b8b7ab1f8014e49e9d5cd74b1d05dbf	—	2023-08-29
FileHash-MD5	0cf7812c06b0521fdd4e4b556c3af48d	—	2023-08-29
FileHash-MD5	1d16e8d8c77213793de5386615da07a5	—	2023-08-29
FileHash-MD5	da323c399342477947be7af3080b9347	MD5 of 84f2b02a8f939f57262e8093c6b9b031148ae069	2023-08-29
FileHash-MD5	35d9c85a38500c4202f988edebe74d68	MD5 of f0da979013dc3adf7841d93af10dd5d12907752954bde8ca0bb2f027e869f086	2023-08-29
FileHash-MD5	01605e58a483cf54bb0e95208f531764	—	2023-08-29
FileHash-MD5	06d4170ac1745b5e87ea9290121eff01	—	2023-08-29
FileHash-MD5	0aae154de9d7d48f76a0949322c3966b	MD5 of 634c50614e1f5f132f49ae204c4a28f62a32a39a3446084db5b0b49b564034b8	2023-08-29
FileHash-MD5	153e1080c32ef7e9393910ec45598887	—	2023-08-29
FileHash-MD5	2191d3647221b72039c5b05d38084a42	—	2023-08-29
FileHash-MD5	25f8e68d1f37ba224eea83cb4465dffa	MD5 of cfe82aad5fc4d79cf3f551b9b12eaf9889ebafd8	2023-08-29
FileHash-MD5	515f007c5bd062c2122008544db127f8	—	2023-08-29
FileHash-MD5	5244268e5ca0b4c11b6ccab2e79bbb12	MD5 of a698d35a0c4d25fd960bd40c1de1022bb0763b77938bf279e91c9330060b0b91	2023-08-29
FileHash-MD5	551ffeee4e2b63958aa389afdd6df086	MD5 of f9b93c92ed50743cd004532ab379e3135197b6fb5341322975f4d7a98a0fcde7	2023-08-29
FileHash-MD5	5dda8ba054b018dee05397be0a0a95a7	—	2023-08-29
FileHash-MD5	6467c6df4ba4526c7f7a7bc950bd47eb	MD5 of eff542ac8e37db48821cb4e5a7d95c044fff27557763de3a891b40ebeb52cc55	2023-08-29
FileHash-MD5	690de0005c5625a420255efebb3349f7	—	2023-08-29
FileHash-MD5	6b8b4567327b23c6643c986966334873	—	2023-08-29
FileHash-MD5	74b0dc5119495cff2ae8944a625558ec	—	2023-08-29
FileHash-MD5	7e1efa4f83461f81157b67d7ea471a12	—	2023-08-29
FileHash-MD5	8b4ae9f3c99049824d4aebbf61def6a5	—	2023-08-29
FileHash-MD5	8d6ee6bf52e0c04527e51f64f22c4534	—	2023-08-29
FileHash-MD5	99e61afcd3ec96f5e349ab439dae46c4	—	2023-08-29
FileHash-MD5	c2b7d6b59af75cf88011987a080a46fd	—	2023-08-29
FileHash-MD5	cbf0f41bbbafb1c2609bedb943be3b36	MD5 of a240a0118739e72ff89cefa2540bf0d7da8f8a6c	2023-08-29
FileHash-MD5	cdfe279ac2ad08522df1cf9b46475132	—	2023-08-29
FileHash-MD5	e0fb946c00b140693e3cf5de258c22a1	MD5 of 57f0839433234285cc9df96198a6ca58248a4707	2023-08-29
FileHash-MD5	e2bca8f417ece94dbdd27b75f951ffda	—	2023-08-29
FileHash-MD5	e2ee83ffd2dcf6c7add8d2121389d767	MD5 of 5a76e642357792bb4270114d7cd76ce45ba24b0d741f5c6b916aeebd45cff2b3	2023-08-29
FileHash-MD5	ef6e23f6422e67c42d50d7bc8a78e796	MD5 of 2abf4bbe4debd619b99cb944298f43312db0947217437e6b71b9ea6e9a1a4fec	2023-08-29
FileHash-MD5	f832ef7a4fcd252463adddfa14db43fb	MD5 of 4455d237aadaf28aafce57097144beac92e55110	2023-08-29
FileHash-MD5	fccf148598e6531bc4167d5c3b8a2949	—	2023-08-29
FileHash-MD5	473a4fdc5bbd90c384224411efdd36ab	MD5 of 2f7f1a48df71cb0672ab5d77b38874e473156e11ad3e92292c14a342bcd5edd5	2023-09-01
FileHash-MD5	b0d10a2a622a322788780e7a3cbb85f3	MD5 of f2c2b3ce2df70a3206f3111391ffc7b791b32505fa97aef22c0c2dbf6f3b0426	2023-09-01
FileHash-MD5	c59832217903ce88793a6c40888e3cae	MD5 of 9dfa1bc5d2ab4c652304976978749141b8c312784b05cb577f338a0aa91330db	2023-09-01
FileHash-MD5	8a23acc8f1377b1e6bb3a93c3b311bda	—	2023-09-01
FileHash-MD5	0f3da59ad50cfcdc132344581a149720	—	2023-09-01
FileHash-MD5	46d25de33138cddf0c6cfe7f5ef1d58d	MD5 of d3df9be6e24d39b1d99016f38f20ae96cad1a136	2023-09-01
FileHash-MD5	4b1c321c17d46e786df1d4ebe2f64e08	MD5 of 8b9505479c1d50660c93ecae81c39ff92c02102f	2023-09-01
FileHash-MD5	550404d6de20e406caf4ddb0c9469e58	—	2023-09-01
FileHash-MD5	57aa0f7b5f6f076454f075a88bcc0cc9	—	2023-09-01
FileHash-MD5	7bad046d13d24e034266368f6fc3ee14	MD5 of 2a215e89800621d5c09c6b834d45f35ddbadb0c9	2023-09-01
FileHash-MD5	a6388db998383af7c9613c3144bf09e6	—	2023-09-01
FileHash-MD5	ad9250c9725e55e11729256336accd56	MD5 of 793fe7f04a7b39aa88ebf77deb9cf896d5136f68	2023-09-01
FileHash-MD5	b41d06bde9cfe08b55648195bb7633a3	—	2023-09-01
FileHash-MD5	bc9921537073279d83b2da3eac3cb76e	MD5 of 18cf12800bd3f8f8f2b9013649f401468eb45e68	2023-09-01
FileHash-MD5	c488ab538d17bebebd9c5a9e22963ad3	—	2023-09-01
FileHash-MD5	c710fe3c6149f0e0ade611199b6de63f	MD5 of ec01327faf7007f492e4b73b43bb1af05152965e	2023-09-01
FileHash-MD5	ce10bd774bc9876ae068434487c36a0b	—	2023-09-01
FileHash-MD5	d2f58dec44be3d4a9a164c9027c96307	—	2023-09-01
FileHash-MD5	d7126bab531cef46fc90d314c59238bc	—	2023-09-01
FileHash-MD5	eb80a13beeab527f7e60ba19cfc2d55f	—	2023-09-01
FileHash-MD5	eecb0f63530ca7abe300da596d6a2eef	—	2023-09-01
FileHash-MD5	01742ab6043c410c8602e210301c40e3	—	2023-09-01
FileHash-MD5	2ee35a608624aed48a1f1bdf55f3aa21	—	2023-09-01
FileHash-MD5	42d651751c1d75ed4fa8fe71751854ff	—	2023-09-01
FileHash-MD5	473a4fdc5bbd90c384224411efdd36ab	MD5 of 7178ad68eda0da22e651416739fa81e425d09aad	2023-09-01
FileHash-MD5	48fc93b46055948d36a7c98a89d69416	—	2023-09-01
FileHash-MD5	5a2f02dbbbda51cfac50fb52cea6d11b	—	2023-09-01
FileHash-MD5	621d6d0c52019e3b9079152089211c0a	—	2023-09-01
FileHash-MD5	7b665aee1356eb0c2d3355d9eed4b5ae	—	2023-09-01
FileHash-MD5	7cc10e0060080262550138057fd6b87d	—	2023-09-01
FileHash-MD5	8fe8ba25b04a7beb04c2ab2d5e9ea736	—	2023-09-01
FileHash-MD5	c66f549d5fc7d10a5f63350701c6b3f9	—	2023-09-01
FileHash-MD5	d4b434d41f10442bab40bb810cb5ccf1	—	2023-09-01
FileHash-MD5	ee293e24cfdebf6622568663b2c1bc80	—	2023-09-01
FileHash-MD5	f707c89cb81c6ad785807eb22a4d93a5	—	2023-09-01
FileHash-MD5	3241b56d649b646f97f963152f36fcda	—	2023-09-02
FileHash-MD5	494c3cd02ba289de8aac1c9629a5b345	—	2023-09-02
FileHash-MD5	4d0ffb58f8dbe807edf23629cb76bac2	—	2023-09-02
FileHash-MD5	76b4bae80d2c3b08bb062d97bf9ca791	—	2023-09-02
FileHash-MD5	7be7a7e08c7c92b810ac3b50dbd6b85f	—	2023-09-02
FileHash-MD5	7d066b5a416b73940f126bb7170dec9a	—	2023-09-02
FileHash-MD5	82f60bbc396315cc12c83bfe38856fe9	—	2023-09-02
FileHash-MD5	8ec922c7a58a8701ab481b7be9644536	—	2023-09-02
FileHash-MD5	9ab78b7414bcff3338f4d065840d610e	—	2023-09-02
FileHash-MD5	e003c51f4383ffe6600def860b2937c7	—	2023-09-02

References (9)

↗ https://hybrid-analysis.com/sample/2a061121e90f3354504a1546b1ca4c71252d02c99b7f677f29602aaa95f91c9e/64e8955eca839267790e3ef3 ↗ https://hybrid-analysis.com/sample/f0da979013dc3adf7841d93af10dd5d12907752954bde8ca0bb2f027e869f086/6463a5722450ab7d6c0b893e ↗ https://otx.alienvault.com/indicator/file/0630d8faa930aa80f7fb6b27ff51e082151b64882c69319eba561280da3064ec ↗ https://otx.alienvault.com/indicator/file/5987131af62bc75d60f1f8894be2f75d709d8a328570259457063ccfac7f59ca ↗ https://otx.alienvault.com/indicator/file/4db808dc54c9ef1fdad38f1fb7b1ea11be64dbadd8c38d02fa1e66c6eb3c1ed2 ↗ https://otx.alienvault.com/indicator/file/cbb9ab5848535b5ff8c79badc80efc77e7dd4200b192c14c5990993919b3b156 ↗ https://tria.ge/230825-pdyvdabe74 ↗ https://hybrid-analysis.com/sample/4db808dc54c9ef1fdad38f1fb7b1ea11be64dbadd8c38d02fa1e66c6eb3c1ed2 ↗ https://hybrid-analysis.com/sample/f0da979013dc3adf7841d93af10dd5d12907752954bde8ca0bb2f027e869f086