Mirrors
/
ioc-collection
mirror of https://github.com/avast/ioc
6
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add files via upload

This commit is contained in:
avast-ti 2024-02-20 14:58:46 +01:00 committed by GitHub
parent b515ef8c40
commit 01ebdae33c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 71 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
HomuWitch/README.md Normal file
View File

@ -0,0 +1,34 @@
# IOC for HomuWitch ransomware
Malware analysis and more technical information at <https://decoded.avast.io/threatresearch/decrypted-homuwitch-ransomware/>
### Table of Contents
* [Samples (SHA-256)](#samples-sha-256)
* [Network indicators](#network-indicators)
## Samples (SHA-256)
```
03e4f770157c11d86d462cc4e9ebeddee3130565221700841a7239e68409accf
0e42c452b5795a974061712928d5005169126ad1201bd2b9490f377827528e5d
16c3eea8ed3a44ee22dad8e8aec0c8c6b43c23741498f11337779e6621d1fe4e
33dd6dfd51b79dad25357f07a8fb4da47cec010e0f8e6d164c546a18ad2a762c
3546b2dd517a99249ef5fd8dfd2a8fd80cb89dfdc9e38602e1f3115634789316
4ea00f1ffe2bbbf5476c0eb677ac75cf1a765fe5c8ce899f47eb8b344da878ed
6252cda4786396ebd7e9baf8ff0454d6af038aed48a7e4ec33cd9249816db2f4
9343a0714a0e159b1d49b591f0835398076af8c8e2da56cbb8c9b7a15c9707c8
bd90468f50629728d717c53cd7806ba59d6ad9377163d0d3328d6db4db6a3826
cd4c3db443dbfd768c59575ede3b1e26002277c109d39ea020d1bc307374e309
fd32a8c5cd211b057fdf3e7cc27167296c71e3fb42daa488649cdf81f58f6848
```
## Network indicators
#### C&C servers
```
78.142.0.42
79.137.207.233
185.216.68.97
193.164.150.225
```

4
HomuWitch/network.txt Normal file
View File

@ -0,0 +1,4 @@
78.142.0.42
79.137.207.233
185.216.68.97
193.164.150.225

11
HomuWitch/samples.md5 Normal file
View File

@ -0,0 +1,11 @@
6a4031b90648996edc96a2613770dfed
1caeab3061916c42797db6be6c104cff
c76d1ffe5f002c50351831497e27288d
622977646b6dc119fd7d72f0220aeb08
4c94cdd785aebedcf2eb3fe4a8b1b7a6
39fb8a39ef0ae859010229792b18a433
ee2fd6e1d0e51600906c1e8455197e25
7edc06ae0340336dd0f0cb1dc3ba291b
7664f920818f0ed143cca2ac6da60a57
739b13103a0ae7db5e975408bd022dc9
0c99df62c54ed0260d90b92f421ca263

11
HomuWitch/samples.sha1 Normal file
View File

@ -0,0 +1,11 @@
96490ad9b42b7dfd8af9ffad6ec55d60bba51864
fb99aaa96d674d28a04894c8f82047cea2808b94
78abf1fcc5783e9c62c78f7ce4b066675bbd71ce
6b904b334653089b627627946553a1ccce9c3220
332c5cde06c6a3e6174e0bfd846da971f4151599
35c5b1de844136e32a883981cba8add3af43e952
df457aea410c6baa767aa281120780b4b1e9e9ed
1e5fdbe22cc41a0ecc18ee6808608cea4b31fba8
f1575fc3274cebe0a02cbc6d2db7673084ef5870
2ca94ba8726810b49d69422d3ff5ae4622090f19
1f161f720f187c2047f197cb3b50dc44a9603c06

11
HomuWitch/samples.sha256 Normal file
View File

@ -0,0 +1,11 @@
03e4f770157c11d86d462cc4e9ebeddee3130565221700841a7239e68409accf
0e42c452b5795a974061712928d5005169126ad1201bd2b9490f377827528e5d
16c3eea8ed3a44ee22dad8e8aec0c8c6b43c23741498f11337779e6621d1fe4e
33dd6dfd51b79dad25357f07a8fb4da47cec010e0f8e6d164c546a18ad2a762c
3546b2dd517a99249ef5fd8dfd2a8fd80cb89dfdc9e38602e1f3115634789316
4ea00f1ffe2bbbf5476c0eb677ac75cf1a765fe5c8ce899f47eb8b344da878ed
6252cda4786396ebd7e9baf8ff0454d6af038aed48a7e4ec33cd9249816db2f4
9343a0714a0e159b1d49b591f0835398076af8c8e2da56cbb8c9b7a15c9707c8
bd90468f50629728d717c53cd7806ba59d6ad9377163d0d3328d6db4db6a3826
cd4c3db443dbfd768c59575ede3b1e26002277c109d39ea020d1bc307374e309
fd32a8c5cd211b057fdf3e7cc27167296c71e3fb42daa488649cdf81f58f6848