Pulse Detail — Threat Intelligence

PULSE NAME

Threat Intel Report - W12-2024

WHITE aa00643640@techmahindra.com 2024-04-15 Modified: 2024-05-15

477

IOCs

HIGH VOLUME

This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools. These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week. Security is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools. These details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.

Indicators of Compromise (139 / 477 total)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 hostname URL domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	ftp://ftp.acc-engineering.xyz/	—	2024-04-15
URL	ftp://ftp.corpsa.net/	—	2024-04-15
URL	ftp://ftp.lemendoza.com/	—	2024-04-15
URL	ftp://ftp.mgcpakistan.com/	—	2024-04-15
URL	ftp://ftp.onelovehk.com.ng/	—	2024-04-15
URL	ftp://ftp.svetigeorgije.co.rs/	—	2024-04-15
URL	http://100.12.251.130/sshd	—	2024-04-15
URL	http://100.12.251.135/sshd	5bf54c41b07e341b8754ccf72b9dbd55135b3ed7fcc53816a580f5c0a79d104a	2024-04-15
URL	http://108.174.200.11/MWTSL	—	2024-04-15
URL	http://110.24.36.35:56647/Mozi.m	—	2024-04-15
URL	http://114.221.221.149:56445/bin.sh	—	2024-04-15
URL	http://114.221.221.149:56445/i	—	2024-04-15
URL	http://114.239.123.250:42648/Mozi.a	—	2024-04-15
URL	http://115.50.25.151:33583/Mozi.m	—	2024-04-15
URL	http://115.50.61.134:38847/Mozi.m	—	2024-04-15
URL	http://115.51.89.157:35664/Mozi.m	—	2024-04-15
URL	http://115.52.246.71:48595/i	—	2024-04-15
URL	http://115.55.128.206:54794/Mozi.m	—	2024-04-15
URL	http://115.55.244.74:56099/bin.sh	—	2024-04-15
URL	http://117.194.169.89:51478/Mozi.m	—	2024-04-15
URL	http://117.194.172.197:35959/bin.sh	—	2024-04-15
URL	http://117.201.12.150:36263/bin.sh	—	2024-04-15
URL	http://117.201.12.150:36263/i	—	2024-04-15
URL	http://117.214.8.204:41754/Mozi.m	—	2024-04-15
URL	http://117.220.144.142:60740/Mozi.m	—	2024-04-15
URL	http://117.242.234.222:47969/bin.sh	—	2024-04-15
URL	http://117.248.49.185:53636/Mozi.m	—	2024-04-15
URL	http://117.248.51.19:53428/i	—	2024-04-15
URL	http://117.248.59.71:47193/bin.sh	—	2024-04-15
URL	http://117.248.61.103:54988/bin.sh	—	2024-04-15
URL	http://117.252.161.21:56837/i	—	2024-04-15
URL	http://117.254.179.40:54873/Mozi.m	—	2024-04-15
URL	http://117.43.219.16:35362/.i	—	2024-04-15
URL	http://119.186.211.3:41695/i	—	2024-04-15
URL	http://122.114.10.11:8082/GUP.exe	—	2024-04-15
URL	http://122.114.10.11:8082/GodPotato-NET4.exe	—	2024-04-15
URL	http://122.114.10.11:8082/gup.xml	—	2024-04-15
URL	http://122.114.10.11:8082/libcurl.dll	—	2024-04-15
URL	http://122.114.10.11:8082/update.png	—	2024-04-15
URL	http://122.114.192.234:8082/GodPotato-NET4.exe	—	2024-04-15
URL	http://122.114.192.234:8082/gup.xml	—	2024-04-15
URL	http://122.114.225.100:8082/GUP.exe	—	2024-04-15
URL	http://122.114.225.100:8082/gup.xml	—	2024-04-15
URL	http://123.12.195.93:41470/Mozi.a	—	2024-04-15
URL	http://123.132.166.58:50909/Mozi.m	—	2024-04-15
URL	http://123.4.49.241:47078/bin.sh	—	2024-04-15
URL	http://123.4.49.241:47078/i	—	2024-04-15
URL	http://125.40.154.102:48881/bin.sh	—	2024-04-15
URL	http://125.40.154.102:48881/i	—	2024-04-15
URL	http://125.41.182.151:60439/Mozi.m	—	2024-04-15
URL	http://125.41.231.229:43274/bin.sh	—	2024-04-15
URL	http://125.43.245.81:50133/bin.sh	—	2024-04-15
URL	http://125.43.245.81:50133/i	—	2024-04-15
URL	http://125.43.52.21:50607/bin.sh	—	2024-04-15
URL	http://125.44.214.69:60132/Mozi.m	—	2024-04-15
URL	http://125.46.223.54:42684/bin.sh	—	2024-04-15
URL	http://125.46.223.54:42684/i	—	2024-04-15
URL	http://175.166.39.43:54914/Mozi.m	—	2024-04-15
URL	http://182.113.44.156:34083/mozi.a	—	2024-04-15
URL	http://182.116.14.129:36184/i	—	2024-04-15
URL	http://182.119.1.65:41285/i	—	2024-04-15
URL	http://182.120.49.65:37303/Mozi.m	—	2024-04-15
URL	http://182.121.115.17:58209/i	—	2024-04-15
URL	http://182.121.46.115:55895/Mozi.m	—	2024-04-15
URL	http://182.124.64.166:33133/mozi.a	—	2024-04-15
URL	http://183.184.71.237:46181/bin.sh	—	2024-04-15
URL	http://183.184.71.237:46181/i	—	2024-04-15
URL	http://183.81.33.153/assailant.arm5	—	2024-04-15
URL	http://183.81.33.153/assailant.arm6	—	2024-04-15
URL	http://183.81.33.153/assailant.arm7	—	2024-04-15
URL	http://183.81.33.153/assailant.i586	—	2024-04-15
URL	http://183.81.33.153/assailant.i686	—	2024-04-15
URL	http://183.81.33.153/assailant.m68k	—	2024-04-15
URL	http://183.81.33.153/assailant.mips	—	2024-04-15
URL	http://183.81.33.153/assailant.ppc	—	2024-04-15
URL	http://183.81.33.153/assailant.sh4	—	2024-04-15
URL	http://185.82.202.126/x86_64	—	2024-04-15
URL	http://193.233.132.167/lend/TeamFour.exe	f63bdc068c453e7e22740681a0c280d02745807b1695ce86e5067069beca533e	2024-04-15
URL	http://193.233.132.167/lend/goldprime123mm.exe	3ed565443e0c49b991d90cd32c4c060db6fe2af30b3a24586379024e0adc2e02	2024-04-15
URL	http://205.185.121.68/x86_64	—	2024-04-15
URL	http://205.185.126.140/arc	—	2024-04-15
URL	http://205.185.126.140/arm	—	2024-04-15
URL	http://205.185.126.140/arm7	—	2024-04-15
URL	http://205.185.126.140/i586	—	2024-04-15
URL	http://205.185.126.140/x86_64	—	2024-04-15
URL	http://219.132.196.255:37602/bin.sh	—	2024-04-15
URL	http://219.157.222.205:49250/Mozi.m	—	2024-04-15
URL	http://222.138.100.249:46245/bin.sh	—	2024-04-15
URL	http://222.138.100.249:46245/i	—	2024-04-15
URL	http://222.142.244.1:44552/Mozi.m	—	2024-04-15
URL	http://223.13.61.21:41435/bin.sh	—	2024-04-15
URL	http://27.206.236.188:59429/Mozi.m	—	2024-04-15
URL	http://27.220.195.118:59429/bin.sh	—	2024-04-15
URL	http://39.38.202.232:50005/Mozi.m	—	2024-04-15
URL	http://42.227.201.161:33789/i	—	2024-04-15
URL	http://42.230.44.157:45346/Mozi.m	—	2024-04-15
URL	http://42.231.41.248:44954/Mozi.m	—	2024-04-15
URL	http://42.233.140.104:44074/bin.sh	—	2024-04-15
URL	http://42.233.140.104:44074/i	—	2024-04-15
URL	http://42.239.224.187:51785/Mozi.m	—	2024-04-15
URL	http://45.90.12.135/arm4	—	2024-04-15
URL	http://45.90.12.135/arm5	—	2024-04-15
URL	http://45.90.12.135/arm6	—	2024-04-15
URL	http://46.109.137.45:32809/Mozi.m	—	2024-04-15
URL	http://58.178.116.82:34028/i	—	2024-04-15
URL	http://59.182.244.230:51951/Mozi.m	—	2024-04-15
URL	http://59.183.171.114:46028/Mozi.m	—	2024-04-15
URL	http://59.88.178.116:55245/Mozi.m	—	2024-04-15
URL	http://59.88.188.43:50222/bin.sh	—	2024-04-15
URL	http://59.89.202.251:46331/bin.sh	—	2024-04-15
URL	http://59.89.202.251:46331/i	—	2024-04-15
URL	http://59.89.6.242:44658/Mozi.m	—	2024-04-15
URL	http://59.93.189.174:33807/Mozi.m	—	2024-04-15
URL	http://59.93.191.192:41233/Mozi.m	—	2024-04-15
URL	http://59.95.132.251:44866/Mozi.m	—	2024-04-15
URL	http://59.99.134.79:42539/mozi.m	—	2024-04-15
URL	http://60.18.9.7:39388/i	—	2024-04-15
URL	http://60.23.188.194:58425/Mozi.m	—	2024-04-15
URL	http://61.137.193.211:44344/bin.sh	—	2024-04-15
URL	http://61.52.157.44:49779/Mozi.m	—	2024-04-15
URL	http://61.52.41.18:58121/i	—	2024-04-15
URL	http://61.53.251.129:46963/Mozi.m	—	2024-04-15
URL	http://61.54.40.39:41756/bin.sh	—	2024-04-15
URL	http://8.tcp.ngrok.io/	—	2024-04-15
URL	http://94.156.8.116/rebirth.x86	—	2024-04-15
URL	http://content.elite-hacks.ru/test/setStats.php	—	2024-04-15
URL	http://originwealth.ydns.eu/sew/inc/10a5031d37bc79.php	—	2024-04-15
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/OnlineCheck-v4.php	—	2024-04-15
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/logaccess.php	—	2024-04-15
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/login.php	—	2024-04-15
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/upd_free.txt	—	2024-04-15
URL	http://playit.gg/claim/fe7a2f95a7	—	2024-04-15
URL	http://pushkinorigin.ydns.eu/wiz/inc/1d7c50187af637.php	—	2024-04-15
URL	http://www.texlandbd.com/vvs/inc/c874c1a5333207.php	—	2024-04-15
URL	https://efzfo.round.fishingreelinvestment.com/e...	—	2024-04-15
URL	https://fiores.cl/mail/obrah/inc/dea039b70b5e63.php	—	2024-04-15
URL	https://www.glamourstorepa.com.br/mail/inc/39dc6fa01a6534.php	—	2024-04-15
URL	https://www.glamourstorepa.com.br/sus2/inc/f858786f876bb9.php	f510f3500a13fba4b8ffa86e801144d3bc72249aab2f830fc3fd8d187044c9eb	2024-04-15
URL	https://www.ronaldsmith.loan//inc/4e7ada8f7b87bc.php	5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807	2024-04-15

References (2)

↗ https://myip.ms/ ↗ https://myip.ms/