ioc-collection/F-Scrack-mimikatz

IoC for F-Scrack-mimikatz

Malware analysis and more technical information at https://decoded.avast.io/ondrejmokos/f-scrack-mimikatz-a-bundle-of-tools/

Table of Contents

• Samples (SHA-256)
• Network indicators

Samples (SHA-256)

fd5a462016f5a5c3afd0a642cebea42837edd3dc0c446c413770aaa70467c612 - SFX archive
f6c3a8dafb12df7aee0b00a5e0f4201a5fe963c890332c68284ba1d728055230 - depszip
02d720a97b5496550c22a5adffcb6b17a2dde3e191fda46c9e05dd3182ae186d - Xagent.exe
3d2d8fd2c15da7ac4d03436a717613316f5e6a371618d4a386d968e3ea0fc267 - eternal11.dll
6818f885162fc5449571b8a21f28ed3505e43a226f33cb0540f97a7277ae902d - eternal22.dll
1d9fc5a423bd778769729c1d5c75c8b9dd694a9b8026bafa8cb18a93cbacb4aa - XMRig (x86)
f38c4cfddf62ce50310b6bb65db3bf14b07c053724e01d8ddf492e38264562c3 - XMRig (x86)
0de09fae50bcb810943cff3d9882fd01766e85c94a2299e6d3f1f6205622f3a6 - XMRig (x64)
9464e66c0a666ea86194bf80afd9dbc3e303d120b687dba14a02914c0a804845 - XMRig (x64)
9ce588c9e3765232e56b41db86f10632659ee2eb68615c4f926d2ee31cdfa418 - XMRig (x64)
d7fbd2a4db44d86b4cf5fa4202203dacfefd6ffca6a0615dca5bc2a200ad56b6 - XMRig (x64)

Network indicators

myip.dnsomatic[.]com
down.cacheoffer[.]tk/d2/reg9.sct
lazagne.cacheoffer[.]tk/Windows.zip
png.realtimenews[.]tk/m.png
png.realtimenews[.]tk/q.png
u.swb[.]one/cidir
u.swb[.]one/crack
u.swb[.]one/upload/win
xmr.enjoytopic[.]tk/d/ps3.txt
xmr.enjoytopic[.]tk/d/regxmr222.sct
xmr.enjoytopic[.]tk/d/regxmr888.sct
xmr.enjoytopic[.]tk/d/regxmr999.sct
xmr.enjoytopic[.]tk/d/rigd32.txt
xmr.enjoytopic[.]tk/d/rigd64.txt
lnk0[.]com/BtoUt4