Pulse Detail — Threat Intelligence

PULSE NAME

Threat Intel Report - W21-2024

WHITE aa00643640@techmahindra.com 2024-06-07 Modified: 2024-07-07

539

IOCs

HIGH VOLUME

This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools. These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week. Security is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools. These details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.

Indicators of Compromise (191 / 539 total)

All hostname URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://annoyingannoying.vodka/	—	2024-06-07
URL	https://precisionsec.com/threat-intelligence-feeds/	—	2024-06-07
URL	https://psbl.org/	—	2024-06-07
URL	https://www.accesoriosscania.com/OriginalBuild.exe	—	2024-06-07
URL	http://103.131.60.178:40307/mozi.m	—	2024-06-07
URL	http://108.174.200.11/MWTSL	—	2024-06-07
URL	http://112.231.124.97:35225/bin.sh	—	2024-06-07
URL	http://112.248.101.221:34981/Mozi.m	—	2024-06-07
URL	http://112.248.2.137:42944/i	—	2024-06-07
URL	http://112.248.244.232:58822/bin.sh	—	2024-06-07
URL	http://112.252.226.161:52466/bin.sh	—	2024-06-07
URL	http://113.238.14.182:44760/i	—	2024-06-07
URL	http://113.238.97.39:59284/i	—	2024-06-07
URL	http://115.49.234.102:60218/i	—	2024-06-07
URL	http://115.50.149.84:39363/Mozi.m	—	2024-06-07
URL	http://115.50.43.138:34741/bin.sh	—	2024-06-07
URL	http://115.55.197.136:34268/bin.sh	—	2024-06-07
URL	http://115.55.250.131:43179/bin.sh	—	2024-06-07
URL	http://115.55.252.121:43887/Mozi.m	—	2024-06-07
URL	http://115.55.49.88:53912/bin.sh	—	2024-06-07
URL	http://115.55.49.88:53912/i	—	2024-06-07
URL	http://115.56.127.114:37114/bin.sh	—	2024-06-07
URL	http://115.56.127.114:37114/i	—	2024-06-07
URL	http://115.56.144.194:53108/Mozi.m	—	2024-06-07
URL	http://115.56.182.31:33723/i	—	2024-06-07
URL	http://115.62.6.47:47773/bin.sh	—	2024-06-07
URL	http://115.63.10.80:51428/bin.sh	—	2024-06-07
URL	http://115.63.12.102:54795/i	—	2024-06-07
URL	http://117.194.171.228:52739/bin.sh	—	2024-06-07
URL	http://117.194.214.150:36783/Mozi.m	—	2024-06-07
URL	http://117.199.4.203:56067/Mozi.m	—	2024-06-07
URL	http://117.199.76.236:57404/i	—	2024-06-07
URL	http://117.204.194.35:42946/Mozi.m	—	2024-06-07
URL	http://117.204.195.53:55812/Mozi.m	—	2024-06-07
URL	http://117.204.196.224:35722/Mozi.m	—	2024-06-07
URL	http://117.204.197.107:38562/bin.sh	—	2024-06-07
URL	http://117.204.197.107:38562/i	—	2024-06-07
URL	http://117.204.197.181:46174/bin.sh	—	2024-06-07
URL	http://117.204.197.181:46174/i	—	2024-06-07
URL	http://117.204.198.240:34584/Mozi.m	—	2024-06-07
URL	http://117.204.198.25:54524/Mozi.m	—	2024-06-07
URL	http://117.204.200.209:44338/bin.sh	—	2024-06-07
URL	http://117.204.203.102:40822/Mozi.m	—	2024-06-07
URL	http://117.204.203.109:39386/Mozi.m	—	2024-06-07
URL	http://117.204.205.205:33101/Mozi.m	—	2024-06-07
URL	http://117.204.205.69:58992/i	—	2024-06-07
URL	http://117.204.206.78:47674/i	—	2024-06-07
URL	http://117.204.207.107:54234/i	—	2024-06-07
URL	http://117.206.177.117:40734/Mozi.m	—	2024-06-07
URL	http://117.206.177.122:49888/bin.sh	—	2024-06-07
URL	http://117.206.180.182:60078/bin.sh	—	2024-06-07
URL	http://117.206.183.179:38841/Mozi.m	—	2024-06-07
URL	http://117.206.186.167:37338/Mozi.m	—	2024-06-07
URL	http://117.209.13.241:59899/i	—	2024-06-07
URL	http://117.212.100.57:42554/Mozi.m	—	2024-06-07
URL	http://117.213.120.107:39547/i	—	2024-06-07
URL	http://117.214.240.185:51115/i	—	2024-06-07
URL	http://117.214.9.203:49910/bin.sh	—	2024-06-07
URL	http://117.215.255.254:47371/bin.sh	—	2024-06-07
URL	http://117.215.255.254:47371/i	—	2024-06-07
URL	http://117.216.242.24:42383/Mozi.m	—	2024-06-07
URL	http://117.220.149.199:51663/bin.sh	—	2024-06-07
URL	http://117.222.248.26:53625/i	—	2024-06-07
URL	http://117.242.194.137:59371/Mozi.m	—	2024-06-07
URL	http://117.243.177.197:49875/mozi.m	—	2024-06-07
URL	http://117.248.58.51:60149/bin.sh	—	2024-06-07
URL	http://117.248.61.210:49252/bin.sh	—	2024-06-07
URL	http://117.253.214.102:40341/i	—	2024-06-07
URL	http://117.254.97.233:47613/Mozi.m	—	2024-06-07
URL	http://119.178.175.107:41982/i	—	2024-06-07
URL	http://123.10.208.60:56261/bin.sh	—	2024-06-07
URL	http://123.11.174.4:51392/bin.sh	—	2024-06-07
URL	http://123.11.174.4:51392/i	—	2024-06-07
URL	http://123.12.241.107:41139/bin.sh	—	2024-06-07
URL	http://123.13.115.178:42793/bin.sh	—	2024-06-07
URL	http://123.190.30.107:51964/bin.sh	—	2024-06-07
URL	http://123.4.46.168:56292/Mozi.m	—	2024-06-07
URL	http://123.7.237.99:35884/bin.sh	—	2024-06-07
URL	http://173.160.9.133:51297/bin.sh	—	2024-06-07
URL	http://176.97.210.36/gewfeasdfsa/yes.x86	—	2024-06-07
URL	http://179.145.202.100:38053/bin.sh	—	2024-06-07
URL	http://181.191.82.79:57012/Mozi.m	—	2024-06-07
URL	http://182.112.43.116:43891/Mozi.m	—	2024-06-07
URL	http://182.114.246.96:57394/bin.sh	—	2024-06-07
URL	http://182.116.64.71:51795/Mozi.m	—	2024-06-07
URL	http://182.117.158.191:51624/i	—	2024-06-07
URL	http://182.117.77.57:45773/bin.sh	—	2024-06-07
URL	http://182.120.137.47:60392/Mozi.m	—	2024-06-07
URL	http://182.123.195.106:52634/i	—	2024-06-07
URL	http://182.126.120.27:42794/Mozi.m	—	2024-06-07
URL	http://183.239.38.170:39207/Mozi.m	—	2024-06-07
URL	http://185.130.227.202/	—	2024-06-07
URL	http://186.148.245.119:10024/bin.sh	—	2024-06-07
URL	http://201.208.136.211:48958/Mozi.m	—	2024-06-07
URL	http://202.160.144.86:34210/i	—	2024-06-07
URL	http://207.167.66.242/bot.arm	—	2024-06-07
URL	http://207.167.66.242/bot.arm6	—	2024-06-07
URL	http://207.167.66.242/bot.arm7	—	2024-06-07
URL	http://207.167.66.242/bot.m68k	—	2024-06-07
URL	http://207.167.66.242/bot.mips	—	2024-06-07
URL	http://207.167.66.242/bot.ppc	—	2024-06-07
URL	http://207.167.66.242/bot.sh4	—	2024-06-07
URL	http://207.167.66.242/bot.spc	—	2024-06-07
URL	http://207.167.66.242/bot.x86	—	2024-06-07
URL	http://207.167.66.242/bot.x86_64	—	2024-06-07
URL	http://218.79.119.4:38747/bin.sh	—	2024-06-07
URL	http://219.155.209.132:42773/bin.sh	—	2024-06-07
URL	http://219.157.153.205:46459/i	—	2024-06-07
URL	http://220.201.46.229:37297/i	—	2024-06-07
URL	http://221.15.188.52:36507/i	—	2024-06-07
URL	http://221.15.92.102:41232/i	—	2024-06-07
URL	http://222.137.208.2:55555/bin.sh	—	2024-06-07
URL	http://222.138.79.238:37041/Mozi.m	—	2024-06-07
URL	http://222.140.181.153:50851/i	—	2024-06-07
URL	http://222.142.244.35:45141/bin.sh	—	2024-06-07
URL	http://222.246.115.55:34690/.i	—	2024-06-07
URL	http://24.242.46.78:48412/Mozi.m	—	2024-06-07
URL	http://27.19.21.232:54672/Mozi.m	—	2024-06-07
URL	http://27.207.188.232:53531/i	—	2024-06-07
URL	http://27.215.108.80:43681/bin.sh	—	2024-06-07
URL	http://27.216.33.219:33284/bin.sh	—	2024-06-07
URL	http://39.74.247.129:35749/i	—	2024-06-07
URL	http://39.79.98.134:54712/i	—	2024-06-07
URL	http://39.90.150.172:44803/i	—	2024-06-07
URL	http://41.251.42.19:38782/bin.sh	—	2024-06-07
URL	http://42.224.209.195:41105/i	—	2024-06-07
URL	http://42.226.73.232:34268/bin.sh	—	2024-06-07
URL	http://42.227.241.69:52217/bin.sh	—	2024-06-07
URL	http://42.227.241.69:52217/i	—	2024-06-07
URL	http://42.228.218.139:47576/bin.sh	—	2024-06-07
URL	http://42.237.106.108:54531/i	—	2024-06-07
URL	http://42.56.184.109:45388/Mozi.m	—	2024-06-07
URL	http://5.42.96.78/files/file200un.exe	—	2024-06-07
URL	http://59.178.75.65:52819/Mozi.m	—	2024-06-07
URL	http://59.88.147.17:40565/bin.sh	—	2024-06-07
URL	http://59.88.186.61:48838/bin.sh	—	2024-06-07
URL	http://59.89.198.155:34618/bin.sh	—	2024-06-07
URL	http://59.89.4.193:44042/Mozi.m	—	2024-06-07
URL	http://59.89.66.178:50635/bin.sh	—	2024-06-07
URL	http://59.89.69.61:45809/i	—	2024-06-07
URL	http://59.93.180.129:46031/bin.sh	—	2024-06-07
URL	http://59.95.129.34:39037/bin.sh	—	2024-06-07
URL	http://59.97.112.6:47814/Mozi.m	—	2024-06-07
URL	http://60.214.54.56:49880/i	—	2024-06-07
URL	http://60.254.85.104:39127/i	—	2024-06-07
URL	http://61.0.148.66:37495/bin.sh	—	2024-06-07
URL	http://61.3.106.20:57605/Mozi.m	—	2024-06-07
URL	http://61.53.159.11:33204/bin.sh	—	2024-06-07
URL	http://61.53.222.247:32859/bin.sh	—	2024-06-07
URL	http://61.53.47.15:52016/i	—	2024-06-07
URL	http://61.53.84.255:51780/bin.sh	—	2024-06-07
URL	http://61.53.84.255:51780/i	—	2024-06-07
URL	http://61.54.41.29:36171/bin.sh	—	2024-06-07
URL	http://61.54.41.29:36171/i	—	2024-06-07
URL	http://80.66.88.145/	—	2024-06-07
URL	http://80.85.152.122/	16487236d4ed74edfb51ebe50be675d723c9a26cb8cde749a5e9e62405fad183	2024-06-07
URL	http://87.106.16.115:9061/	—	2024-06-07
URL	http://89.248.193.66/	—	2024-06-07
URL	http://89.248.193.66:2351/	—	2024-06-07
URL	http://89.32.41.57/locker/mpsl	—	2024-06-07
URL	http://94.156.68.134/MartDrum.exe	—	2024-06-07
URL	http://94.156.68.134/costs.vbs	—	2024-06-07
URL	http://94.156.68.134/costs.zip	—	2024-06-07
URL	http://94.156.68.134/regasms.exe	—	2024-06-07
URL	http://94.156.68.134/rem.exe	—	2024-06-07
URL	http://94.156.68.134/start.exe	—	2024-06-07
URL	http://94.228.169.143/	—	2024-06-07
URL	http://accesskenya.com	—	2024-06-07
URL	http://adhufdauifadhj13.com/	—	2024-06-07
URL	http://akana.mobiseclab.org	—	2024-06-07
URL	http://cheneseemeg7575.cash/	38ffd4972ae513a0c79a8be4573403edcd709f0f572105362b08ff50cf6de521	2024-06-07
URL	http://content.elite-hacks.ru/test/setStats.php	—	2024-06-07
URL	http://jevereg.amnpardaz.com/	—	2024-06-07
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/OnlineCheck-v4.php	—	2024-06-07
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/logaccess.php	—	2024-06-07
URL	http://p4-preview.runhosting.com/breakingsec02.co.nf/Remcos/upd_free.txt	—	2024-06-07
URL	http://piret-wismann.com/	—	2024-06-07
URL	http://saintelzearlava.com/	—	2024-06-07
URL	http://static.xtom.com	—	2024-06-07
URL	http://taochinashowwers.com/	—	2024-06-07
URL	http://trans1ategooglecom.com/	—	2024-06-07
URL	http://uiahbmajokriswhoer.net/	3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f	2024-06-07
URL	http://vipfibertelecom.com.br	—	2024-06-07
URL	http://www.invaluement.com/	—	2024-06-07
URL	http://zochao.com/	—	2024-06-07
URL	https://apkscan.nviso.be/	—	2024-06-07
URL	https://pasteio.com/raw/xhy39U4zGODQ	—	2024-06-07
URL	https://www.dnsbl.info/	—	2024-06-07
URL	https://www.secondwrite.com	—	2024-06-07
URL	https://www.senderscore.org/	—	2024-06-07
URL	https://www.silobreaker.com/category/threat-reports/	—	2024-06-07

References (2)

↗ https://any.run/malware-trends/ ↗ https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_Real-time