Azorult_IOCs_2020-05-25_15_53.txt

1. #Azorult #malware #OSINT #IOC
2.  
3. SHA256:
4. #Azorult #malware #OSINT #IOC
5. 19e99ad36e248449944d9979c433f0277eac9e2b0911259e5c39d33bd194f399
6. 425cad64080937fcbefd0888adcd6a7ebecbbb39bed9e1f64172076335f68845
7. 7819bc5124f6f638efe153d2ece14626cc81f07cd499747653f62764ce618002
8. d8f45655685ca97ed8764eb2aabca17f5037a5e5b65a1067cbfa37ba33614b6b
9. 1052af46484d7951eeeeb53dac926cc6a823bd324538950c48dfc4b2b35f830b
10.  
11. IPs:
12. 195[.]140[.]146[.]65
13. 195[.]201[.]225[.]248
14. 31[.]10[.]5[.]15
15. 84[.]38[.]182[.]209
16. 192[.]155[.]111[.]202
17.  
18. Domains:
19. caleromartinez[.]ug
20. marckapiksa[.]ug
21. martinmcclure[.]ug
22. plututiso[.]ug
23. svbx[.]ru
24. telete[.]in
25.  
26. URL:
27. http://31[.]10[.]5[.]15/file_handler/file[.]php?hash=51c2b6e4b72a9142b8ccd02cf52dd2f54090e827&js=41a43d88abeacdf31615bbb984b528dcf3e24cae&callback=http://31[.]10[.]5[.]15/gate
28. http://31[.]10[.]5[.]15/file_handler/file[.]php?hash=b1dcac047784630c11fd36c68f0aeb8226507ec4&js=227450487ab8c0a9e27b4303be7552dd8f0e1af2&callback=http://31[.]10[.]5[.]15/gate
29. http://31[.]10[.]5[.]15/gate/libs[.]zip
30. http://31[.]10[.]5[.]15/gate/log[.]php
31. http://31[.]10[.]5[.]15/gate/sqlite3[.]dll
32. http://marckapiksa[.]ug/ds2[.]exe
33. http://martinmcclure[.]ug/index[.]php
34. http://plututiso[.]ug/nw[.]exe
35. http://plututiso[.]ug/ra2[.]exe
36. http://svbx[.]ru/index[.]php
37. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=16fa2d5e30f0658a841c08a9c97cd4697af684e7&js=735713389c6bb949ec287c70bb5c8c3222aa4c7c&callback=http://192[.]155[.]111[.]202/gate
38. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=1aa88bd966e93ed23cc01eee194875235dbbe56f&js=58d6a0dbbe0db843e8857a94f95f0d0091ff9858&callback=http://192[.]155[.]111[.]202/gate
39. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=3297db3340c27257f4435ac11d27b45ebc46fb60&js=3be944041195f220b9974654c97b8593187162de&callback=http://192[.]155[.]111[.]202/gate
40. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=56918286dddc45cf963e24bdf9bca06e2f41a78c&js=243933cd64090d5e23e539f8ae16efdde997ea95&callback=http://192[.]155[.]111[.]202/gate
41. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=79edd50f8dad7e3432be58200676fa652b957d3c&js=7ae1e579ba2695d3ac549fba0f1e122343897cb2&callback=http://192[.]155[.]111[.]202/gate
42. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=b2c69936b9983a3d49fc7f3fba9695ce9952d4a5&js=00f95fe93f67d6573f6d6660a08d930230bda599&callback=http://192[.]155[.]111[.]202/gate
43. http://192[.]155[.]111[.]202/file_handler/file[.]php?hash=c8b2cd1dbcd773fb5deef2e35ee74bca7abca638&js=84e74ca9772b7d1dce06d211a1c3c974a4b071aa&callback=http://192[.]155[.]111[.]202/gate
44. http://192[.]155[.]111[.]202/gate/libs[.]zip
45. http://192[.]155[.]111[.]202/gate/log[.]php
46. http://192[.]155[.]111[.]202/gate/sqlite3[.]dll