PULSE NAME: Threat Intel Report - W53-2024
WHITE aa00643640@techmahindra.com 2025-01-01 Modified: 2025-01-31
450 IOCs (HIGH VOLUME)
This is a cyber-advisory document presenting compiled cyber threat intelligence sourced from various channels and tools. These are weekly recommendations to all IT Administrators and CISOs to take corrective actions to upgrade their security infrastructure against threats and attacks newly identified this week. Security is a continuous process, and it has to be reviewed and audited continuously through manual or automated tools. These details may be used as an additional layer to verify the current security posture of an organization against the latest cyber trends.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES: Lumma, Contagious Interview, Mirai
Indicators of Compromise (230 / 450 total)