← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability | CISA
WHITE CTIwangus 2025-04-10 Modified: 2025-05-10
29
IOCs
MEDIUM VOLUME
strongcisalockbitcitrix bleednetscaler adciocscve20234966mitre attpowershellstopransomwarepsexecsectortoolsanydeskimpacketenterprisehuntlsasscyberlocaldownloadaugustmalwarelegendadreconplinkserviceopenimportrestrictupgradeprotectransomwaremcafeeghost
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (29)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 206b8b9624ee446cad18335702d6da19 MD5 of 17a27b1759f10d1f6f1f51a11c0efea550e2075c2c394259af4d3f855bbcc994 2025-04-10
FileHash-MD5 37f7241963cf8279f7c1d322086a5194 MD5 of e557e1440e394537cca71ed3d61372106c3c70eb6ef9f07521768f23a0974068 2025-04-10
FileHash-MD5 6e8ca501c45a9b85fff2378cffaa24b2 2025-04-10
FileHash-MD5 9cff554fa65c1b207da66683b295d4ad MD5 of 906602ea3c887af67bcb4531bbbb459d7c24a2efcb866bcb1e3b028a51f12ae6 2025-04-10
FileHash-MD5 acbabe0d638b3e321237f820219fc216 MD5 of cc21c77e1ee7e916c9c48194fad083b2d4b2023df703e544ffb2d6a0bfc90a63 2025-04-10
FileHash-MD5 d7addb5b6f55eab1686410a17b3c867b MD5 of 498ba0afa5d3b390f852af66bd6e763945bf9b6bff2087015ed8612a18372155 2025-04-10
FileHash-MD5 eb842a9509dece779d138d2e6b0f6949 2025-04-10
FileHash-SHA1 364ef2431a8614b4ef9240afa00cd12bfba3119b SHA1 of 17a27b1759f10d1f6f1f51a11c0efea550e2075c2c394259af4d3f855bbcc994 2025-04-10
FileHash-SHA1 46a8022ce445f74acec30bbbd589d3ad1ee6d483 SHA1 of cc21c77e1ee7e916c9c48194fad083b2d4b2023df703e544ffb2d6a0bfc90a63 2025-04-10
FileHash-SHA1 a54af16b2702fe0e5c569f6d8f17574a9fdaf197 SHA1 of 498ba0afa5d3b390f852af66bd6e763945bf9b6bff2087015ed8612a18372155 2025-04-10
FileHash-SHA1 b8e74921d7923c808a0423e6e46807c4f0699b6e SHA1 of 906602ea3c887af67bcb4531bbbb459d7c24a2efcb866bcb1e3b028a51f12ae6 2025-04-10
FileHash-SHA1 ec401ae8ddebef4038cedb65cc0d5ba6c1fdef28 SHA1 of e557e1440e394537cca71ed3d61372106c3c70eb6ef9f07521768f23a0974068 2025-04-10
FileHash-SHA256 17a27b1759f10d1f6f1f51a11c0efea550e2075c2c394259af4d3f855bbcc994 2025-04-10
FileHash-SHA256 498ba0afa5d3b390f852af66bd6e763945bf9b6bff2087015ed8612a18372155 2025-04-10
FileHash-SHA256 906602ea3c887af67bcb4531bbbb459d7c24a2efcb866bcb1e3b028a51f12ae6 2025-04-10
FileHash-SHA256 98e79f95cf8de8ace88bf223421db5dce303b112152d66ffdf27ebdfcdf967e9 2025-04-10
FileHash-SHA256 9b6b722ba4a691a2fe21747cd5b8a2d18811a173413d4934949047e04e40b30a 2025-04-10
FileHash-SHA256 cc21c77e1ee7e916c9c48194fad083b2d4b2023df703e544ffb2d6a0bfc90a63 2025-04-10
FileHash-SHA256 e557e1440e394537cca71ed3d61372106c3c70eb6ef9f07521768f23a0974068 2025-04-10
FileHash-SHA256 ed5d694d561c97b4d70efe934936286fe562addf7d6836f795b336d9791a5c44 2025-04-10
URL http://62.233.50.25/en-us/docs.html 2025-04-10
URL http://62.233.50.25/en-us/test.html 2025-04-10
URL http://81.19.135.219/F8PtZ87fE8dJWqe.hta 2025-04-10
URL http://81.19.135.219:443/q0X5wzEh6P7.hta 2025-04-10
URL https://adobe-us-updatefiles.digital/index.php 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b 2025-04-10
domain adobe-us-updatefiles.digital 2025-04-10
domain dns0.org 2025-04-10
domain fixme.it 2025-04-10
hostname unattended.techinline.net 2025-04-10
References (1)
↗ https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-325a