Tracking down the cybercriminal infrastructure of infostealer RisePro
List of IoCs related to RisePro infostealer and EasyLead PPI
Source EN : https://projetfox.com/en/2023/11/tracking-down-the-cybercriminal-infrastructure-of-infostealer-risepro/
Source FR : https://projetfox.com/2023/11/traque-de-linfrastructure-cybercriminelle-de-linfostealer-risepro/
More details:
from Crep1x (SEKOIA.IO) https://x.com/crep1x/status/1729908394230686033
from Intrinsec https://x.com/Intrinsec/status/1730212294452260976?s=20
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
RisePro
Indicators of Compromise (33)