Pulse Detail — Threat Intelligence

PULSE NAME

lizardsquad malwares mozy mirai FROM CRM, RYAN AND KAYOS

WHITE lizardsqua 2025-06-05 Modified: 2025-07-05

125

IOCs

HIGH VOLUME

↓ CSV ↓ JSON

spreading on discord, steam and various other. infecting his potential customer

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1036 T1055 T1070 T1071 T1082 T1095 T1105 T1573 T1574

Indicators of Compromise (125)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname CIDR

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	d18a76a6c215ad919863695e6064d320	—	2025-06-05
FileHash-SHA1	ccf54300d34b7c208a0a32e785e1506738560006	—	2025-06-05
FileHash-SHA256	896e3d7f635b3cd2db0d7c07d3543190bd5cb97ed239e32521d04a2d69550d13	—	2025-06-05
FileHash-SHA256	97b7b5910a32d35a37d6596f6deed523b6361bb193dbc3088aedd9ded58233cc	—	2025-06-05
FileHash-SHA256	ec2d0dd91948680d5319f86598c5f279c3c28cf02b65e164f95e230927281f61	—	2025-06-05
URL	https://afra.id/file/7az7a6	—	2025-06-05
URL	https://alo.ne/	—	2025-06-05
domain	afra.id	—	2025-06-05
FileHash-SHA256	582872a3dbea7ec9d791b3d1464bce1afbd8e5c6f395614045afe6a5f74b1c05	—	2025-06-05
URL	http://185.130.46.236:123	—	2025-06-05
URL	http://185.130.46.236:143	—	2025-06-05
URL	http://185.130.46.236:22	—	2025-06-05
URL	http://185.130.46.236:25	—	2025-06-05
URL	http://185.130.46.236:3478	—	2025-06-05
URL	http://185.130.46.236:4190	—	2025-06-05
URL	http://185.130.46.236:443	—	2025-06-05
URL	http://185.130.46.236:465	—	2025-06-05
URL	http://185.130.46.236:5000	—	2025-06-05
URL	http://185.130.46.236:5080	—	2025-06-05
URL	http://185.130.46.236:5222	—	2025-06-05
URL	http://185.130.46.236:5223	—	2025-06-05
URL	http://185.130.46.236:5269	—	2025-06-05
URL	http://185.130.46.236:5443	—	2025-06-05
URL	http://185.130.46.236:587	—	2025-06-05
URL	http://185.130.46.236:80	—	2025-06-05
URL	http://185.130.46.236:8080	—	2025-06-05
URL	http://185.130.46.236:993	—	2025-06-05
URL	https://185.130.46.236/	—	2025-06-05
hostname	250-mail.simswap.in	—	2025-06-05
hostname	mail.simswap.in	—	2025-06-05
URL	http://postfixadmin.simswap.in/login.php	—	2025-06-05
URL	https://alo.ne/7az7a6	—	2025-06-05
URL	https://alone.sellsn.io/product/50882b16-da06-40e0-a602-f2fb53c7f09a	—	2025-06-05
URL	https://main.alo.ne/	—	2025-06-05
URL	https://webmail.alo.ne	—	2025-06-05
domain	ageba.it	—	2025-06-05
domain	bayon.et	—	2025-06-05
domain	bruis.es	—	2025-06-05
domain	deni.al	—	2025-06-05
domain	doxi.ng	—	2025-06-05
domain	drugabu.se	—	2025-06-05
domain	excus.es	—	2025-06-05
domain	exitsc.am	—	2025-06-05
domain	glowi.es	—	2025-06-05
domain	homicid.es	—	2025-06-05
domain	karamb.it	—	2025-06-05
domain	larp.money	—	2025-06-05
domain	larpi.ng	—	2025-06-05
domain	pinge.rs	—	2025-06-05
domain	sexu.al	—	2025-06-05
domain	simswap.in	—	2025-06-05
domain	skid.rip	—	2025-06-05
domain	supersta.rs	—	2025-06-05
domain	swatti.ng	—	2025-06-05
domain	trapst.ar	—	2025-06-05
domain	trolli.ng	—	2025-06-05
hostname	alone.sellsn.io	—	2025-06-05
hostname	main.alo.ne	—	2025-06-05
hostname	postfixadmin.simswap.in	—	2025-06-05
hostname	webmail.alo.ne	—	2025-06-05
URL	http://larp.money	—	2025-06-05
URL	http://ageba.it	—	2025-06-05
URL	http://alo.ne	—	2025-06-05
URL	http://bayon.et	—	2025-06-05
URL	http://bruis.es	—	2025-06-05
URL	http://deni.al	—	2025-06-05
URL	http://doxi.ng	—	2025-06-05
URL	http://drugabu.se	—	2025-06-05
URL	http://excus.es	—	2025-06-05
URL	http://exitsc.am	—	2025-06-05
URL	http://glowi.es	—	2025-06-05
URL	http://homicid.es	—	2025-06-05
URL	http://karamb.it	—	2025-06-05
URL	http://larpi.ng	—	2025-06-05
URL	http://pinge.rs	—	2025-06-05
URL	http://sexu.al	—	2025-06-05
URL	http://skid.rip	—	2025-06-05
URL	http://supersta.rs	—	2025-06-05
URL	http://swatti.ng	—	2025-06-05
URL	http://trapst.ar	—	2025-06-05
URL	http://trolli.ng	—	2025-06-05
URL	https://main.alo.ne	—	2025-06-05
URL	https://simswap.in	—	2025-06-05
URL	https://simswap.in/	—	2025-06-05
URL	https://simswap.in/favicon.ico	—	2025-06-05
CIDR	185.130.46.0/24	—	2025-06-05
FileHash-MD5	0debd3853f330c574b05e0b6d882dc27	—	2025-06-05
FileHash-MD5	15af977ce25de452b96affa2addb1036	—	2025-06-05
FileHash-MD5	184d532a16876b78846ae6a03f654890	—	2025-06-05
FileHash-MD5	475c9302dc42b2751db9edcac3b74891	—	2025-06-05
FileHash-MD5	745943fda759f8d8b8dc14de3341e122	—	2025-06-05
FileHash-MD5	779664e66160bf75999f091fce5edb5a	—	2025-06-05
FileHash-MD5	9424803a662b126a748cf4f90707a33c	—	2025-06-05
FileHash-MD5	a5308aa908d3edc2392a602b7adac57a	—	2025-06-05
FileHash-MD5	aa99ce74e2c6d013c745aa52b5cc042d	—	2025-06-05
FileHash-MD5	b8d8f22562475aebf44ad54175c1d9c7	—	2025-06-05
FileHash-MD5	d25619cb77d3219fc9fc14cb6b35eacc	—	2025-06-05
FileHash-SHA1	aefc2371cbd0aa69964806035c1b06354de383ba	—	2025-06-05
FileHash-SHA1	d826bc93a1b09d93883c398474c6479ca66a6361	—	2025-06-05
FileHash-SHA256	18df6f8cacc6075ed933566a04cd5cb95e7d8a876c4802fef4a9bc8c18f7d0ce	—	2025-06-05
FileHash-SHA256	2edfe89e36e2ad0e65d92b0a55b2dc1365a4b7cbdc7794ae3dbae2310a5075c0	—	2025-06-05
FileHash-SHA256	3043058f99214aea5963642c89b720fd08dd6db5b467797939762c82163dc2fa	—	2025-06-05
FileHash-SHA256	30cd18fd640f31e42e9f39183cfc34251d0a2fa05bc725c5d2df2cd37a30cf93	—	2025-06-05
FileHash-SHA256	3bc2c034e7ab55425174967a71d17ea43d43cde970d4f65565590ceb230a6e98	—	2025-06-05
FileHash-SHA256	41a23cce04885d1d22b7c6505b335c1f35c94911be8f4faaf6c4d5d8c261ae82	—	2025-06-05
FileHash-SHA256	545efabd25065c4e9618ee1e8b3c34fe42ac73d54a100640f1681bb817eca0da	—	2025-06-05
FileHash-SHA256	56e4e9b303052f3f6c8a88219fd7390f0d8c5c00722e3dca7ee2aff66a11201a	—	2025-06-05
FileHash-SHA256	591e9ce6c863d3a079e9fabe1478c7339a26b21269dde795211361024ae31a44	—	2025-06-05
FileHash-SHA256	732c8ab6d76db4d7ef1f16537f6d2671d08bce25cac218473764e72fab5550dd	—	2025-06-05
FileHash-SHA256	735898f69547f586fafa4b193c98f8c35a406bff92abeeba4ac0d431a594fe89	—	2025-06-05
FileHash-SHA256	77c29371b41d327337e46dbcca3f73411f48c537eeb96cf3a76ec59979d54434	—	2025-06-05
FileHash-SHA256	78f6634b89c18fa5140f6eef4d1d761860265678d23dc1326ae036f022510ed0	—	2025-06-05
FileHash-SHA256	79793d82419583ca7ffbeac7efbea16028d803170cb5edeb105ffe6b9d114886	—	2025-06-05
FileHash-SHA256	95b0bc7f16bc045c92d36d902fb9d48b4efc3493ec4b515461c35bac344f9940	—	2025-06-05
FileHash-SHA256	9d7c3f1aa6ad2b2ec0d5cf1e246f8d9ae6cbc9fd0755ad37bb974b1f2fb603f3	—	2025-06-05
FileHash-SHA256	9e5341a8e7b175a7bce5cc01a784ba93d82643228d5e2560ffb849840d9ac31d	—	2025-06-05
FileHash-SHA256	9e5c2256fdd90019d57fb4f64a9cef2016822f794235217bb95d830fa86a8530	—	2025-06-05
FileHash-SHA256	f94f0aec4a9aca0a9d959bd3a2510a1ea07b3ddc0592bb16c3d0867ed8e3abf1	—	2025-06-05
URL	http://185.130.46.236/	—	2025-06-05
URL	https://185.130.46.236/\	—	2025-06-05
URL	https://185.130.46.236/\r\nContent-Length:	—	2025-06-05
URL	https://185.130.46.236/favicon.ico	—	2025-06-05
URL	https://alo.ne/7az7a6\	—	2025-06-05
URL	https://main.alo.ne/\	—	2025-06-05
hostname	mail.alo.ne	—	2025-06-05

References (1)

↗