Pulse Detail — Threat Intelligence

PULSE NAME

Threat Intel Report - W49-2024

WHITE aa00643640@techmahindra.com 2025-01-01 Modified: 2025-01-31

418

IOCs

HIGH VOLUME

This is a cyber-advisory document, presenting the compiled cyber threat intelligence sourced from various channels and tools. These are weekly base recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against newly identified threats and attacks in this week. Security is a continuous process, and it has to be reviewed and audited on a continuous manner through manual or automated tools. These details may be used as an additional layer to verify the current security posture of an organization against latest cyber trends.

Indicators of Compromise (208 / 418 total)

All hostname URL FileHash-MD5 FileHash-SHA1 FileHash-SHA256 domain

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://aloowforest.xyz/c2sock	—	2025-01-01
URL	https://precisionsec.com/threat-intelligence-feeds/	—	2025-01-01
URL	https://psbl.org/	—	2025-01-01
URL	ftp://ftp.acc-engineering.xyz/	—	2025-01-01
URL	ftp://ftp.avonpharmacmachines.com/	—	2025-01-01
URL	ftp://ftp.csepelgumi.hu/	—	2025-01-01
URL	ftp://ftp.dkspot.net/	—	2025-01-01
URL	ftp://ftp.siscop.com.co/	—	2025-01-01
URL	ftp://ftp.svetigeorgije.co.rs/	—	2025-01-01
URL	ftp://myogessentials.com/	—	2025-01-01
URL	http://103.115.197.214:38477/Mozi.m	—	2025-01-01
URL	http://103.181.158.82:42536/Mozi.m	—	2025-01-01
URL	http://104.245.33.157/99210de056092a58.php	—	2025-01-01
URL	http://109.107.181.33/de4846fc29f26952.php	—	2025-01-01
URL	http://110.182.103.147:14366/.i	—	2025-01-01
URL	http://110.182.251.111:46370/Mozi.a	—	2025-01-01
URL	http://110.86.161.38:53024/bin.sh	—	2025-01-01
URL	http://110.86.161.38:53024/i	—	2025-01-01
URL	http://111.174.188.249:37045/i	—	2025-01-01
URL	http://111.22.21.212:52158/Mozi.m	—	2025-01-01
URL	http://112.252.242.191:45304/bin.sh	—	2025-01-01
URL	http://113.221.11.62:34709/bin.sh	—	2025-01-01
URL	http://113.221.11.62:34709/i	—	2025-01-01
URL	http://113.221.9.252:44845/i	—	2025-01-01
URL	http://113.229.184.177:46367/bin.sh	—	2025-01-01
URL	http://113.236.214.125:38860/bin.sh	—	2025-01-01
URL	http://113.236.242.111:58745/bin.sh	—	2025-01-01
URL	http://113.236.242.111:58745/i	—	2025-01-01
URL	http://113.237.5.171:46825/i	—	2025-01-01
URL	http://113.90.244.136:44610/Mozi.a	—	2025-01-01
URL	http://114.218.129.196:58087/bin.sh	—	2025-01-01
URL	http://115.50.66.126:34391/bin.sh	—	2025-01-01
URL	http://115.55.129.115:35694/Mozi.m	—	2025-01-01
URL	http://116.55.76.151:45447/bin.sh	—	2025-01-01
URL	http://116.71.173.255	—	2025-01-01
URL	http://117.192.236.49:43346/Mozi.m	—	2025-01-01
URL	http://117.199.31.79:53583/bin.sh	—	2025-01-01
URL	http://117.206.139.48:36423/bin.sh	—	2025-01-01
URL	http://117.206.20.43:44985/i	—	2025-01-01
URL	http://117.208.103.95:35651/Mozi.m	—	2025-01-01
URL	http://117.209.16.174:34863/bin.sh	—	2025-01-01
URL	http://117.209.16.174:34863/i	—	2025-01-01
URL	http://117.209.20.210:36225/i	—	2025-01-01
URL	http://117.209.22.207:41121/bin.sh	—	2025-01-01
URL	http://117.209.23.141:54573/Mozi.m	—	2025-01-01
URL	http://117.209.32.15:43784/i	—	2025-01-01
URL	http://117.209.81.169:47622/Mozi.m	—	2025-01-01
URL	http://117.209.89.23:58378/Mozi.m	—	2025-01-01
URL	http://117.209.92.10:53913/i	—	2025-01-01
URL	http://117.209.92.54:43170/bin.sh	—	2025-01-01
URL	http://117.209.93.13:49044/i	—	2025-01-01
URL	http://117.209.95.29:40981/Mozi.m	—	2025-01-01
URL	http://117.210.178.98:56178/bin.sh	—	2025-01-01
URL	http://117.213.248.127:44476/Mozi.m	—	2025-01-01
URL	http://117.213.85.12:35892/Mozi.m	—	2025-01-01
URL	http://117.215.214.216:37351/Mozi.m	—	2025-01-01
URL	http://117.221.50.188:48750/bin.sh	—	2025-01-01
URL	http://117.221.50.188:48750/i	—	2025-01-01
URL	http://117.222.112.10:56062/i	—	2025-01-01
URL	http://117.235.105.228:42487/bin.sh	—	2025-01-01
URL	http://117.235.126.139:49060/Mozi.m	—	2025-01-01
URL	http://117.235.151.50:39192/i	—	2025-01-01
URL	http://117.235.167.33:50652/i	—	2025-01-01
URL	http://117.235.96.78:45656/i	—	2025-01-01
URL	http://117.242.203.214:42207/bin.sh	—	2025-01-01
URL	http://117.242.254.95:46672/bin.sh	—	2025-01-01
URL	http://117.248.31.222:55073/bin.sh	—	2025-01-01
URL	http://117.248.50.206:53364/i	—	2025-01-01
URL	http://117.253.104.69:42814/bin.sh	—	2025-01-01
URL	http://117.253.96.18:36891/i	—	2025-01-01
URL	http://117.254.99.59:60612/bin.sh	—	2025-01-01
URL	http://119.115.66.251:57951/i	—	2025-01-01
URL	http://119.117.94.223:42091/bin.sh	—	2025-01-01
URL	http://119.117.94.223:42091/i	—	2025-01-01
URL	http://120.61.193.208:58637/bin.sh	—	2025-01-01
URL	http://121.224.56.244:34899/bin.sh	—	2025-01-01
URL	http://121.231.121.48:45466/bin.sh	—	2025-01-01
URL	http://123.188.98.117:44561/bin.sh	—	2025-01-01
URL	http://123.4.199.130:59446/i	—	2025-01-01
URL	http://124.234.246.243:55451/Mozi.m	—	2025-01-01
URL	http://125.41.142.154:50602/i	—	2025-01-01
URL	http://125.43.74.137:53243/bin.sh	—	2025-01-01
URL	http://125.44.195.111:35397/Mozi.m	—	2025-01-01
URL	http://125.45.8.240:37979/bin.sh	—	2025-01-01
URL	http://125.47.7.152:40191/bin.sh	—	2025-01-01
URL	http://14.155.200.154:54516/bin.sh	—	2025-01-01
URL	http://14.181.65.13:38498/bin.sh	—	2025-01-01
URL	http://149.255.35.132/e50ac16f7b113954.php	—	2025-01-01
URL	http://163.142.79.132:51855/i	—	2025-01-01
URL	http://175.146.231.148:48198/bin.sh	—	2025-01-01
URL	http://175.146.231.148:48198/i	—	2025-01-01
URL	http://175.165.172.72:44124/i	—	2025-01-01
URL	http://175.174.99.176:57144/bin.sh	—	2025-01-01
URL	http://175.174.99.176:57144/i	—	2025-01-01
URL	http://176.124.198.17/1da263bff25c8346.php	—	2025-01-01
URL	http://177.92.240.168:51246/bin.sh	—	2025-01-01
URL	http://180.119.109.53:36724/Mozi.m	—	2025-01-01
URL	http://182.117.167.61:46395/i	—	2025-01-01
URL	http://182.117.79.87:40008/Mozi.m	—	2025-01-01
URL	http://182.120.37.138:54153/Mozi.a	—	2025-01-01
URL	http://182.121.12.228:41656/i	—	2025-01-01
URL	http://182.127.127.21:54687/bin.sh	—	2025-01-01
URL	http://182.127.163.224:39775/Mozi.m	—	2025-01-01
URL	http://182.127.37.243:43800/i	—	2025-01-01
URL	http://182.247.128.91:34468/bin.sh	—	2025-01-01
URL	http://182.60.8.151:54096/i	—	2025-01-01
URL	http://185.17.40.133/ba91ff2f6a996325.php	—	2025-01-01
URL	http://185.172.128.24/40d570f44e84a44.php	—	2025-01-01
URL	http://185.172.128.24/40d570f44e84a454.php	—	2025-01-01
URL	http://185.172.128.79/3886d22766914c4.php	—	2025-01-01
URL	http://185.172.128.79/3886d2276f6914c4.php	—	2025-01-01
URL	http://185.248.12.157:47471/bin.sh	—	2025-01-01
URL	http://185.99.133.246/c2sock	—	2025-01-01
URL	http://186.4.217.208:43833/Mozi.m	—	2025-01-01
URL	http://188.16.64.52:36633/i	—	2025-01-01
URL	http://195.123.226.91/c2sock	—	2025-01-01
URL	http://195.123.227.138/c2sock	—	2025-01-01
URL	http://196.189.97.114:60121/bin.sh	—	2025-01-01
URL	http://200.6.91.45:57239/bin.sh	—	2025-01-01
URL	http://221.14.190.185:53932/i	—	2025-01-01
URL	http://222.138.119.249:56901/bin.sh	—	2025-01-01
URL	http://222.138.119.249:56901/i	—	2025-01-01
URL	http://222.138.205.75:53442/i	—	2025-01-01
URL	http://222.138.83.134:56936/Mozi.m	—	2025-01-01
URL	http://222.142.247.176:46371/i	—	2025-01-01
URL	http://222.95.24.12:54273/bin.sh	—	2025-01-01
URL	http://223.68.142.178:40993/bin.sh	—	2025-01-01
URL	http://27.215.87.125:56680/Mozi.m	—	2025-01-01
URL	http://2flowers-my.xyz/c2sock	—	2025-01-01
URL	http://39.74.169.166:40467/i	—	2025-01-01
URL	http://39.90.149.89:46824/bin.sh	—	2025-01-01
URL	http://42.178.137.0:58122/bin.sh	—	2025-01-01
URL	http://42.179.151.250:56574/i	—	2025-01-01
URL	http://42.179.6.237:52075/i	—	2025-01-01
URL	http://42.228.104.216:52291/i	—	2025-01-01
URL	http://42.229.219.60:56634/bin.sh	—	2025-01-01
URL	http://42.230.227.205:51191/i	—	2025-01-01
URL	http://42.231.71.62:49552/bin.sh	—	2025-01-01
URL	http://42.235.162.120:34043/bin.sh	—	2025-01-01
URL	http://42.56.185.244:38361/bin.sh	—	2025-01-01
URL	http://42.7.154.68:55879/bin.sh	—	2025-01-01
URL	http://42.86.67.102:59820/Mozi.m	—	2025-01-01
URL	http://45.15.157.217/cbb264a91564bd6c.php	—	2025-01-01
URL	http://45.87.153.135/5d4f090c730016b1.php	—	2025-01-01
URL	http://5.42.64.41/	—	2025-01-01
URL	http://5.42.64.41/40d570f44e84a454.php	—	2025-01-01
URL	http://5.42.65.54/4ea69013b92ecb73.php	—	2025-01-01
URL	http://5.42.66.36/1fa9cf51b66b1f7e.php	—	2025-01-01
URL	http://5.42.66.57/3886d2276f6914c4.php	—	2025-01-01
URL	http://5.42.66.58/3886d2276f6914c4.php	—	2025-01-01
URL	http://5.42.92.211/	—	2025-01-01
URL	http://59.182.102.231:56954/i	—	2025-01-01
URL	http://59.182.94.26:42145/bin.sh	—	2025-01-01
URL	http://59.184.54.200:53668/Mozi.m	—	2025-01-01
URL	http://59.184.60.84:38831/bin.sh	—	2025-01-01
URL	http://59.88.238.59:33386/Mozi.m	—	2025-01-01
URL	http://59.89.201.206:53140/bin.sh	—	2025-01-01
URL	http://59.93.146.53:44985/Mozi.m	—	2025-01-01
URL	http://59.93.176.90:45617/bin.sh	—	2025-01-01
URL	http://59.95.216.204:33262/Mozi.m	—	2025-01-01
URL	http://59.95.86.183:40305/Mozi.m	—	2025-01-01
URL	http://59.97.127.251:55423/Mozi.m	—	2025-01-01
URL	http://59.99.217.143:39192/bin.sh	—	2025-01-01
URL	http://61.3.97.160:48247/Mozi.m	—	2025-01-01
URL	http://61.52.225.45:33350/bin.sh	—	2025-01-01
URL	http://77.91.76.36/3886d2276f6914c4.php	—	2025-01-01
URL	http://78.132.147.91:56537/i	—	2025-01-01
URL	http://78.25.120.196:60149/bin.sh	—	2025-01-01
URL	http://79.126.83.182:33476/bin.sh	—	2025-01-01
URL	http://82.117.255.80/c2sock	f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5	2025-01-01
URL	http://95.216.72.17/cdc8cb4ba5f9dfaa.php	—	2025-01-01
URL	http://agustfreeday-my.xyz/c2sock	—	2025-01-01
URL	http://akana.mobiseclab.org	—	2025-01-01
URL	http://clonecloud-my.xyz/c2sock	—	2025-01-01
URL	http://crazypictures.xyz/c2sock	—	2025-01-01
URL	http://dynamic.ttnet.com.tr	—	2025-01-01
URL	http://flowers-my.xyz/c2sock	—	2025-01-01
URL	http://gg123213123sadas-38622.portmap.host/	—	2025-01-01
URL	http://gservice-node.io/c2sock	—	2025-01-01
URL	http://gstatic-node.io/c2sock	—	2025-01-01
URL	http://ikonik2681-35277.portmap.host:35277/	—	2025-01-01
URL	http://intesasanpaolo-configure-login.mywww.biz/g	—	2025-01-01
URL	http://intesasanpaolo-configure-login.mywww.biz/vc	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/gocl	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/irz	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/jaws	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/lll	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/mass.sh	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/mips	—	2025-01-01
URL	http://intesasanpaolocliente.justdied.com/vc	—	2025-01-01
URL	http://jevereg.amnpardaz.com/	—	2025-01-01
URL	http://many-verses.xyz/c2sock	—	2025-01-01
URL	http://nasdnasnd-55496.portmap.host/	—	2025-01-01
URL	http://nasdnasnd-55496.portmap.host:55496/	—	2025-01-01
URL	http://skicloud-my.xyz/c2sock	—	2025-01-01
URL	http://solopodvip-my.xyz/c2sock	—	2025-01-01
URL	http://speedtestip.xyz/c2sock	—	2025-01-01
URL	http://stoppublick.xyz/c2sock	—	2025-01-01
URL	http://vipcloud-my.xyz/c2sock	—	2025-01-01
URL	http://worldofpoetry.xyz/c2sock	—	2025-01-01
URL	http://www.invaluement.com/	—	2025-01-01
URL	http://yousite.com/yourapi.php	083d15a07f8702e1216f5ec39ee1879d1459e307a6ee7ae223651fed856dae93	2025-01-01
URL	https://45.12.253.17/mana/inc/61b46e405d2c1c.php	f510f3500a13fba4b8ffa86e801144d3bc72249aab2f830fc3fd8d187044c9eb	2025-01-01
URL	https://activeheat.co.vu/dek/inc/f08405615b33f6.php	—	2025-01-01
URL	https://apkscan.nviso.be/	—	2025-01-01
URL	https://www.dnsbl.info/	—	2025-01-01
URL	https://www.secondwrite.com	—	2025-01-01
URL	https://www.silobreaker.com/category/threat-reports/	—	2025-01-01

References (2)

↗ https://urlhaus.abuse.ch/ ↗ https://any.run/malware-trends/