mirror of
https://github.com/avast/ioc
synced 2024-06-16 11:58:39 +00:00
Compare commits
3 Commits
489000b8b6...e89f404e7d
| Author | SHA1 | Date |
|---|---|---|
| | e89f404e7d | |
| | 01ebdae33c | |
| | 379cf2881a | |
34
HomuWitch/README.md
Normal file
@ -0,0 +1,34 @@
|
||||
# IOC for HomuWitch ransomware
|
||||
|
||||
Malware analysis and more technical information at <https://decoded.avast.io/threatresearch/decrypted-homuwitch-ransomware/>
|
||||
|
||||
|
||||
### Table of Contents
|
||||
* [Samples (SHA-256)](#samples-sha-256)
|
||||
* [Network indicators](#network-indicators)
|
||||
|
||||
|
||||
## Samples (SHA-256)
|
||||
```
|
||||
03e4f770157c11d86d462cc4e9ebeddee3130565221700841a7239e68409accf
|
||||
0e42c452b5795a974061712928d5005169126ad1201bd2b9490f377827528e5d
|
||||
16c3eea8ed3a44ee22dad8e8aec0c8c6b43c23741498f11337779e6621d1fe4e
|
||||
33dd6dfd51b79dad25357f07a8fb4da47cec010e0f8e6d164c546a18ad2a762c
|
||||
3546b2dd517a99249ef5fd8dfd2a8fd80cb89dfdc9e38602e1f3115634789316
|
||||
4ea00f1ffe2bbbf5476c0eb677ac75cf1a765fe5c8ce899f47eb8b344da878ed
|
||||
6252cda4786396ebd7e9baf8ff0454d6af038aed48a7e4ec33cd9249816db2f4
|
||||
9343a0714a0e159b1d49b591f0835398076af8c8e2da56cbb8c9b7a15c9707c8
|
||||
bd90468f50629728d717c53cd7806ba59d6ad9377163d0d3328d6db4db6a3826
|
||||
cd4c3db443dbfd768c59575ede3b1e26002277c109d39ea020d1bc307374e309
|
||||
fd32a8c5cd211b057fdf3e7cc27167296c71e3fb42daa488649cdf81f58f6848
|
||||
```
|
||||
|
||||
|
||||
## Network indicators
|
||||
#### C&C servers
|
||||
```
|
||||
78.142.0.42
|
||||
79.137.207.233
|
||||
185.216.68.97
|
||||
193.164.150.225
|
||||
```
|
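Review bot: The C&C block under "Network indicators" lists four bare IPv4 addresses with no observation dates or ports. Addresses get reassigned over time, so a first-seen/last-seen date per entry would let consumers age these out of blocklists instead of matching on them indefinitely. The table of contents also covers only the SHA-256 list, while this change adds samples.md5 and samples.sha1 alongside it; a line naming those files would help readers who match on other hash types.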
4
HomuWitch/network.txt
Normal file
@ -0,0 +1,4 @@
|
||||
78.142.0.42
|
||||
79.137.207.233
|
||||
185.216.68.97
|
||||
193.164.150.225
|
11
HomuWitch/samples.md5
Normal file
@ -0,0 +1,11 @@
|
||||
6a4031b90648996edc96a2613770dfed
|
||||
1caeab3061916c42797db6be6c104cff
|
||||
c76d1ffe5f002c50351831497e27288d
|
||||
622977646b6dc119fd7d72f0220aeb08
|
||||
4c94cdd785aebedcf2eb3fe4a8b1b7a6
|
||||
39fb8a39ef0ae859010229792b18a433
|
||||
ee2fd6e1d0e51600906c1e8455197e25
|
||||
7edc06ae0340336dd0f0cb1dc3ba291b
|
||||
7664f920818f0ed143cca2ac6da60a57
|
||||
739b13103a0ae7db5e975408bd022dc9
|
||||
0c99df62c54ed0260d90b92f421ca263
|
11
HomuWitch/samples.sha1
Normal file
@ -0,0 +1,11 @@
|
||||
96490ad9b42b7dfd8af9ffad6ec55d60bba51864
|
||||
fb99aaa96d674d28a04894c8f82047cea2808b94
|
||||
78abf1fcc5783e9c62c78f7ce4b066675bbd71ce
|
||||
6b904b334653089b627627946553a1ccce9c3220
|
||||
332c5cde06c6a3e6174e0bfd846da971f4151599
|
||||
35c5b1de844136e32a883981cba8add3af43e952
|
||||
df457aea410c6baa767aa281120780b4b1e9e9ed
|
||||
1e5fdbe22cc41a0ecc18ee6808608cea4b31fba8
|
||||
f1575fc3274cebe0a02cbc6d2db7673084ef5870
|
||||
2ca94ba8726810b49d69422d3ff5ae4622090f19
|
||||
1f161f720f187c2047f197cb3b50dc44a9603c06
|
11
HomuWitch/samples.sha256
Normal file
@ -0,0 +1,11 @@
|
||||
03e4f770157c11d86d462cc4e9ebeddee3130565221700841a7239e68409accf
|
||||
0e42c452b5795a974061712928d5005169126ad1201bd2b9490f377827528e5d
|
||||
16c3eea8ed3a44ee22dad8e8aec0c8c6b43c23741498f11337779e6621d1fe4e
|
||||
33dd6dfd51b79dad25357f07a8fb4da47cec010e0f8e6d164c546a18ad2a762c
|
||||
3546b2dd517a99249ef5fd8dfd2a8fd80cb89dfdc9e38602e1f3115634789316
|
||||
4ea00f1ffe2bbbf5476c0eb677ac75cf1a765fe5c8ce899f47eb8b344da878ed
|
||||
6252cda4786396ebd7e9baf8ff0454d6af038aed48a7e4ec33cd9249816db2f4
|
||||
9343a0714a0e159b1d49b591f0835398076af8c8e2da56cbb8c9b7a15c9707c8
|
||||
bd90468f50629728d717c53cd7806ba59d6ad9377163d0d3328d6db4db6a3826
|
||||
cd4c3db443dbfd768c59575ede3b1e26002277c109d39ea020d1bc307374e309
|
||||
fd32a8c5cd211b057fdf3e7cc27167296c71e3fb42daa488649cdf81f58f6848
|
@ -145,7 +145,7 @@ C:\Users\Administrator.WIN7-2021OVWRCZ\.cargo\registry\src\mirrors.ustc.edu.cn-
|
||||
C:\Users\root\.cargo\registry\src\mirrors.ustc.edu.cn-
|
||||
/root/.cargo/registry/src/mirrors.ustc.edu.cn-
|
||||
```
|
||||
#### Github
|
||||
#### GitHub
|
||||
```
|
||||
h5[.]qianxin[.]com
|
||||
https[:]//weixin[.]qq[.]com/g/AQYAAEoVSAjZ35xwIeusxAmY6Qm2wKXvvjp6Ed7stK2OrUIl-a6Czezgc4QYv6GS
|
||||
|