Indicators of Compromise (IOCs)

192.168.1.100

Type: IP Address

Confidence: High

Command and control server for APT29

Associated Data

15 threats
3 groups
2 vulnerabilities

Details

FireEye Threat Intelligence
First seen: 2024-05-15
Last seen: 2024-08-20

More DetailsStatus: Active

malicious-domain.com

Type: Domain

Confidence: High

Phishing campaign associated with FIN7

Associated Data

8 threats
1 groups
1 vulnerabilities

Details

Recorded Future
First seen: 2024-06-02
Last seen: 2024-08-19

More DetailsStatus: Active

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Type: File Hash

Confidence: Medium

Ransomware payload associated with BlackMatter

Associated Data

12 threats
2 groups
3 vulnerabilities

Details

VirusTotal
First seen: 2024-07-10
Last seen: 2024-08-18

More DetailsStatus: Active

https://fake-login.evil.com/portal

Type: URL

Confidence: High

Credential harvesting page for financial institutions

Associated Data

6 threats
1 groups
0 vulnerabilities

Details

PhishTank
First seen: 2024-08-01
Last seen: 2024-08-17

More DetailsStatus: Active

suspicious@attacker.com

Type: Email

Confidence: Medium

Sender email associated with BEC campaigns

Associated Data

4 threats
1 groups
0 vulnerabilities

Details

Proofpoint
First seen: 2024-07-25
Last seen: 2024-08-16

More DetailsStatus: Under Investigation

10.20.30.40

Type: IP Address

Confidence: High

Botnet command and control server

Associated Data

20 threats
4 groups
2 vulnerabilities

Details

Mandiant
First seen: 2024-06-15
Last seen: 2024-08-15

More DetailsStatus: Active

update.legitservice.com

Type: Domain

Confidence: High

Typosquatting domain used in supply chain attacks

Associated Data

10 threats
2 groups
1 vulnerabilities

Details

Symantec
First seen: 2024-07-01
Last seen: 2024-08-14

More DetailsStatus: Active

5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8

Type: File Hash

Confidence: High

Backdoor associated with APT41

Associated Data

18 threats
1 groups
3 vulnerabilities

Details

Microsoft Security Intelligence
First seen: 2024-05-20
Last seen: 2024-08-13

More DetailsStatus: Active

https://cdn.legitimate-looking-site.com/malware.exe

Type: URL

Confidence: Medium

Malware distribution URL masquerading as legitimate CDN

Associated Data

7 threats
2 groups
1 vulnerabilities

Details

Cisco Talos
First seen: 2024-08-01
Last seen: 2024-08-12

More DetailsStatus: Under Investigation

hr@company-careers.com

Type: Email

Confidence: Medium

Phishing email sender impersonating HR departments

Associated Data

5 threats
1 groups
0 vulnerabilities

Details

Trend Micro
First seen: 2024-07-15
Last seen: 2024-08-11

More DetailsStatus: Active

Page 1 of 2

Indicators of Compromise (IOCs)

192.168.1.100

Associated Data

Details

malicious-domain.com

Associated Data

Details

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Associated Data

Details

https://fake-login.evil.com/portal

Associated Data

Details

suspicious@attacker.com

Associated Data

Details

10.20.30.40

Associated Data

Details

update.legitservice.com

Associated Data

Details

5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8

Associated Data

Details

https://cdn.legitimate-looking-site.com/malware.exe

Associated Data

Details

hr@company-careers.com

Associated Data

Details

Stay in the loop