ioc-collection/HomuWitch/README.md

# IOC for HomuWitch ransomware

Malware analysis and more technical information at <https://decoded.avast.io/threatresearch/decrypted-homuwitch-ransomware/>


### Table of Contents
* [Samples (SHA-256)](#samples-sha-256)
* [Network indicators](#network-indicators)


## Samples (SHA-256)
```
03e4f770157c11d86d462cc4e9ebeddee3130565221700841a7239e68409accf 
0e42c452b5795a974061712928d5005169126ad1201bd2b9490f377827528e5d 
16c3eea8ed3a44ee22dad8e8aec0c8c6b43c23741498f11337779e6621d1fe4e 
33dd6dfd51b79dad25357f07a8fb4da47cec010e0f8e6d164c546a18ad2a762c 
3546b2dd517a99249ef5fd8dfd2a8fd80cb89dfdc9e38602e1f3115634789316 
4ea00f1ffe2bbbf5476c0eb677ac75cf1a765fe5c8ce899f47eb8b344da878ed 
6252cda4786396ebd7e9baf8ff0454d6af038aed48a7e4ec33cd9249816db2f4 
9343a0714a0e159b1d49b591f0835398076af8c8e2da56cbb8c9b7a15c9707c8 
bd90468f50629728d717c53cd7806ba59d6ad9377163d0d3328d6db4db6a3826 
cd4c3db443dbfd768c59575ede3b1e26002277c109d39ea020d1bc307374e309 
fd32a8c5cd211b057fdf3e7cc27167296c71e3fb42daa488649cdf81f58f6848 
```


## Network indicators
#### C&C servers
```
78.142.0.42
79.137.207.233
185.216.68.97
193.164.150.225
```
Add files via upload 2024-02-20 13:58:46 +00:00			`# IOC for HomuWitch ransomware`

			`Malware analysis and more technical information at <https://decoded.avast.io/threatresearch/decrypted-homuwitch-ransomware/>`


			`### Table of Contents`
			`* [Samples (SHA-256)](#samples-sha-256)`
			`* [Network indicators](#network-indicators)`


			`## Samples (SHA-256)`
			```
			`03e4f770157c11d86d462cc4e9ebeddee3130565221700841a7239e68409accf`
			`0e42c452b5795a974061712928d5005169126ad1201bd2b9490f377827528e5d`
			`16c3eea8ed3a44ee22dad8e8aec0c8c6b43c23741498f11337779e6621d1fe4e`
			`33dd6dfd51b79dad25357f07a8fb4da47cec010e0f8e6d164c546a18ad2a762c`
			`3546b2dd517a99249ef5fd8dfd2a8fd80cb89dfdc9e38602e1f3115634789316`
			`4ea00f1ffe2bbbf5476c0eb677ac75cf1a765fe5c8ce899f47eb8b344da878ed`
			`6252cda4786396ebd7e9baf8ff0454d6af038aed48a7e4ec33cd9249816db2f4`
			`9343a0714a0e159b1d49b591f0835398076af8c8e2da56cbb8c9b7a15c9707c8`
			`bd90468f50629728d717c53cd7806ba59d6ad9377163d0d3328d6db4db6a3826`
			`cd4c3db443dbfd768c59575ede3b1e26002277c109d39ea020d1bc307374e309`
			`fd32a8c5cd211b057fdf3e7cc27167296c71e3fb42daa488649cdf81f58f6848`
			```


			`## Network indicators`
			`#### C&C servers`
			```
			`78.142.0.42`
			`79.137.207.233`
			`185.216.68.97`
			`193.164.150.225`
			```