2021-02-09 Ave Maria IOCs

1. THREAT ATTRIBUTION: AVE MARIA RAT
2.  
3. SUBJECTS OBSERVED
4. New Order List (REF02092021)
5.  
6. SENDERS OBSERVED
7. [email protected]
8.  
9. MALDOC FILE HASHES
10. Doc#Order.xls
11. d3a6acbd4bf4c338c0c1847ca9fed67d
12.  
13. AVE MARIA PAYLOAD URLS
14. http://45.145.185.153/FileDoc.jpg
15.  
16. FileDoc.jpg
17. e7b543558be2e57faee80d5388fc047f
18.  
19. AVE MARIA PAYLOAD FILE HASHES
20. payload1.exe
21. 88e970889e223f55e348d6258117a345
22.  
23. AVE MARIA C2
24. 45.145.185.153:5210
25.  
26. SUPPORTING EVIDENCE
27. https://urlhaus.abuse.ch/url/997544/
28. https://urlhaus.abuse.ch/browse.php?search=45.145.185.153