pandazheng

2021-06-07-Mirai-IOCs

Jun 10th, 2021
IOCs


Vulnerabilities targeted:
* CVE-2021-1497 Cisco HyperFlex HX Command Injection

* Unidentified vulnerability
```
GET enable=aaa;[payload]
```

* CVE-2021-31755 Tenda AC11 Router RCE

* OptiLink ONT1GEW GPON Router RCE

* CVE-2009-4487 nginx 0.7.64 Terminal Escape Sequence in Logs Command Injection

* CVE-2020-28188 TerraMaster TOS RCE

* CVE-2020-26919 Netgear ProSAFE RCE

* CVE-2021-25502 Micro Focus Operation Bridge Reporter (OBR) RCE

* Unidentified vulnerability previously seen and reported [here](https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/)

* CVE-2020-25506 D-Link DNS-320 Firewall RCE

* VisualDoor SonicWall SSL-VPN RCE

* CVE-2021-27561 & CVE-2021-27562 Yealink Device Management Pre-Auth ‘root’ Level RCE

Previous Research on the same variant: https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/