Azorult_IOCs_2020-08-06_13_46.txt

1. Azorult_IOCs_2020-08-06_13_46
2.  
3. Malware Famaily: Azorult
4.  
5. SHA256:
6. 286c2eb8755215619d8cb48cc884091251729d5925b74444fe3b62c2c1a5acb5
7.  
8. IPs:
9. 195.201.225.248
10. 34.65.10.107
11. 217.8.117.77
12.  
13. Domains:
14. fgdjhksdfsdxcbv[.]ru
15. karimgoussd[.]ug
16. mantis[.]co[.]ug
17. mantis[.]ug
18. michaeldiamantis[.]ug
19. telete[.]in
20.  
21. URL:
22. http://34[.]65[.]10[.]107/file_handler4/file[.]php?hash=0e025c9c7179342addcc8db1ba303c52c48b87fc&js=4af86ed09af809cc11ffdc6165dfc322f1ffec1b&callback=http://34[.]65[.]10[.]107/gate,
23. http://34[.]65[.]10[.]107/file_handler4/file[.]php?hash=fe192baa03e9296dad365d2375e918ef54adddd4&js=3734a79b0a68eb2d8b189223e8c68d68436e1fc7&callback=http://34[.]65[.]10[.]107/gate,
24. http://34[.]65[.]10[.]107/gate/libs[.]zip,
25. http://34[.]65[.]10[.]107/gate/log[.]php,
26. http://34[.]65[.]10[.]107/gate/sqlite3[.]dll,
27. http://mantis[.]co[.]ug/ac[.]exe,
28. http://mantis[.]co[.]ug/ds1[.]exe,
29. http://mantis[.]co[.]ug/ds2[.]exe,
30. http://mantis[.]co[.]ug/rc[.]exe,
31. http://mantis[.]ug/,
32. http://mantis[.]ug/freebl3[.]dll,
33. http://mantis[.]ug/main[.]php,
34. http://mantis[.]ug/mozglue[.]dll,
35. http://mantis[.]ug/msvcp140[.]dll,
36. http://mantis[.]ug/nss3[.]dll,
37. http://mantis[.]ug/softokn3[.]dll,
38. http://mantis[.]ug/sqlite3[.]dll,
39. http://mantis[.]ug/vcruntime140[.]dll,
40. http://michaeldiamantis[.]ug/ac[.]exe,
41. http://michaeldiamantis[.]ug/ds1[.]exe,
42. http://michaeldiamantis[.]ug/ds2[.]exe,
43. http://michaeldiamantis[.]ug/index[.]php,
44. http://michaeldiamantis[.]ug/rc[.]exe,
45.  
46. #Azorult #malware #OSINT #IOC
47.  
48.