PULSE NAME
LockBit Ransomware Attack via Cobalt Strike
WHITE cryptocti 2025-01-27 Modified: 2025-02-26
62 IOCs (HIGH VOLUME)
The attackers deployed Cobalt Strike through a deceptive application to facilitate a LockBit ransomware attack.
Indicators of Compromise (62)