otx.alienvault.com
Open in
urlscan Pro
13.32.121.87
Public Scan
URL:
https://otx.alienvault.com/indicator/ip/45.141.152.18
Submission: On November 25 via manual from VN — Scanned from DE
Submission: On November 25 via manual from VN — Scanned from DE
Form analysis 0 forms found in the DOM
Text Content
× * Browse * Scan Endpoints * Create Pulse * Submit Sample * API Integration * Login | Sign Up All * Login | Sign Up * IPv4 45.141.152.18 Add to Pulse Pulses 50 Related NIDS 0 Passive DNS 500+ URLs 14K Files 55 Analysis Overview Classification Datacenter / Hosting / VPS Reverse DNS lh2.monovm.com Location Frankfurt am Main, Germany ASN AS9009 m247 ltd DNS Resolutions 500+ Domains Top Level Domains 18 Unique TLDs Related Pulses OTX User-Created Pulses (50) Related Tags 60 Related Tags phishing , azorult , remote access , hermes , agent tesla More Indicator Facts Historical OTX telemetry IP mentioned on Twitter Running webserver 255 domains resolved in last 7 days 500+ domains resolved in last 30 days 500+ domains resolved in all time 18 top-level domains Open Ports 21 Open Ports 21 , 25 , 53 , 80 , 110 , 143 , 443 , 465 , 587 , 993 More Antivirus Detections ALF:Backdoor:MSIL/Noancooe.KA , ALF:HeraklezEval:Trojan:MSIL/NanoCore.TZE!rfn , Exploit:O97M/CVE-2017-11882.L , Exploit:O97M/CVE-2017-11882.SSMA!MTB , Trojan:MSIL/LoadInjector.J!ibt More AV Detection Ratio 47 / 55 IDS Detections AZORult Variant.4 XORed Download AZORult v3.2 Server Response M1 AZORult v3.2 Server Response M3 Win32/AZORult V3.2 Client Checkin M3 AZORult Variant.4 Checkin M2 More Certificate Issuer SELF-ISSUED Certificate Subject CN=abctest.com External Resources Whois, VirusTotal Analysis Related Pulses Comments (0) PASSIVE DNS Show 10 25 50 100 entries Search: Status Hostname Query Type Address First Seen Last Seen ASN Country Unknown scgthai.co A 45.141.152.18 2022-11-24 09:372022-11-25 01:32AS9009 m247 ltd Germany Unknown atlantium.ga A 45.141.152.18 2022-11-24 05:452022-11-25 03:49AS9009 m247 ltd Germany Unknown helichina.ga A 45.141.152.18 2022-11-24 04:552022-11-25 03:49AS9009 m247 ltd Germany Unknown www.helichina.ga A 45.141.152.18 2022-11-24 04:532022-11-25 03:49AS9009 m247 ltd Germany Unknown max-citydiplomaticcourierservices.com A 45.141.152.18 2022-11-24 03:102022-11-25 02:27AS9009 m247 ltd Germany Unknown tripadvisor-complaint.com A 45.141.152.18 2022-11-24 10:212022-11-24 11:34AS9009 m247 ltd Germany Unknown sell-paxful.pro A 45.141.152.18 2022-11-24 07:522022-11-25 03:49AS9009 m247 ltd Germany Unknown stigfiko55.com A 45.141.152.18 2022-11-24 04:242022-11-25 01:06AS9009 m247 ltd Germany Unknown patatasarrebola.cf A 45.141.152.18 2022-11-23 03:382022-11-23 03:39AS9009 m247 ltd Germany Unknown ruipan.cf A 45.141.152.18 2022-11-23 03:382022-11-23 03:39AS9009 m247 ltd Germany SHOWING 1 TO 10 OF 500 ENTRIES 1 2 3 4 5 ... 50 Next NETWORK IDS SIGNATURE HITS Authentication required. Login to view Network IDS Signature Hits. ASSOCIATED URLS Show 10 25 50 100 entries Date Checked URL Hostname Server Response IP Address Google Safe Browsing Antivirus Results Nov 24, 2022https://scgthai.co/scgthai.co20045.141.152.18 Nov 24, 2022http://scgthai.co/scgthai.co20045.141.152.18 Nov 24, 2022https://atlantium.gaatlantium.ga20045.141.152.18 Nov 24, 2022http://atlantium.gaatlantium.ga20045.141.152.18 Nov 24, 2022https://helichina.gahelichina.ga20045.141.152.18 Nov 24, 2022https://www.helichina.gawww.helichina.ga20045.141.152.18 Nov 24, 2022http://helichina.gahelichina.ga20045.141.152.18 Nov 24, 2022http://www.helichina.gawww.helichina.ga20045.141.152.18 Nov 24, 2022https://atlantium.ga/atlantium.ga20045.141.152.18 Nov 24, 2022http://atlantium.ga/atlantium.ga20045.141.152.18 SHOWING 1 TO 10 OF 14,102 ENTRIES 1 2 3 4 5 ... 1,411 Next ASSOCIATED FILES Show 10 25 50 100 entries Date Hash Avast AVG Clamav MSDefender Jun 27, 2022 71f60bcda038f3e843721f27fc2e62637c32711198bf0fefd5cf45cc8aff75f8 Win32:PWSX-gen\ [Trj]Jun 24, 2022 bac0c7a6279a503ef8a3009bf813184bea9fd00a1d7bbecb10dc3f87a90a81a7 Win.Trojan.Remcos-9846521-0Jun 23, 2022 e616d9f7faf07788439e620402c88e4ee0e7650369babca2ad584a3e81d941f3 Win.Trojan.Remcos-9846521-0May 23, 2022 6d42275ef11ac24e7a098951fa8ac4aa46fd8f077d2c240915df65094c76f76d Win32:RATX-gen\ [Trj]Aug 10, 2021 03e73adb2a943786db217feedb75a14e7ce7ce39b8fb9f91a0fec989d1ce9188 RTF:Obfuscated-gen\ [Trj]Rtf.Exploit.CVE_2018_0802-6825822-0Exploit:O97M/CVE-2017-11882.SSMA!MTBApr 8, 2021 f4638ad782346e273b89c53bc9dcf2dfde5938a82ccfeb96e1b8e1cadd4530df Win32:PWSX-gen\ [Trj]Apr 8, 2021 fe74f2726a9eeca44293fa7e9ad023ff0765a4474525bd834a379e21d2bc281e Win32:PWSX-gen\ [Trj]Apr 7, 2021 d1b9a434579f456d75afe539d5b100d21cd57115bdf946c684dd9ec4e02996aa Win32:PWSX-gen\ [Trj]Apr 7, 2021 fe4e3fc81c2e5028cde6ef0a91ac901fa6b5e0e5e2cd6d68070a9f45cc3a4b69 Win32:PWSX-gen\ [Trj]Apr 1, 2021 5159183c50d03b79bf325655cefff8b847ffbb4b1d1f1f8228e4dc1dfe7eec8e Win32:RATX-gen\ [Trj] SHOWING 1 TO 10 OF 55 ENTRIES 1 2 3 4 5 ... 6 Next HTTP SCANS Record Value 80 Body html head META HTTP EQUIV= Cache control CONTENT= no cache META HTTP EQUIV= refresh CONTENT= 0 URL=/cgi sys/defaultwebpage.cgi /head body /body /html 80 HeaderHTTP/1.1 200 OK Connection: Keep Alive Content Type: text/html Last Modified: Tue 07 Aug 2018 09:12:42 GMT Accept Ranges: bytes Content Length: 163 Date: Fri 08 Nov 2019 16:06:22 GMT Server: LiteSpeed * User Created (50) Twitter Feed - PhishStats - 10-11-2022 IPv4 Indicator Active * Created 2 weeks ago by CyberHunterAutoFeed * Public * TLP: Green IPv4: 3 | URL: 5 phishing * 105 Subscribers Twitter Feed - PhishStats - 15-09-2022 IPv4 Indicator Inactive * Created 2 months ago * Modified 1 month ago by CyberHunterAutoFeed * Public * TLP: Green URL: 4 phishing * 105 Subscribers IOCs - 20225201339 IPv4 Indicator Inactive * Created 6 months ago * Modified 5 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4792 | FileHash-SHA256: 839 | FilePath: 1955 | Mutex: 1955 | URI: 1955 | URL: 9566 | YARA: 1955 | Domain: 179 | Hostname: 297 For complete list please visit https://apd.altervista.org/ * 306 Subscribers IOCs - 2022511143 IPv4 Indicator Inactive * Created 7 months ago * Modified 6 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4778 | FileHash-SHA256: 836 | FilePath: 1944 | Mutex: 1944 | URI: 1944 | URL: 9710 | YARA: 1944 | Domain: 172 | Hostname: 283 For complete list please visit https://apd.altervista.org/ * 307 Subscribers IOCs - 20223111352 IPv4 Indicator Inactive * Created 9 months ago * Modified 8 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4708 | FileHash-SHA256: 801 | FilePath: 1862 | Mutex: 1862 | URI: 1862 | URL: 12795 | YARA: 1862 | Domain: 129 | Hostname: 284 For complete list please visit https://apd.altervista.org/ * 312 Subscribers IOCs - 20222121432 IPv4 Indicator Inactive * Created 10 months ago * Modified 9 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4681 | FileHash-SHA256: 798 | FilePath: 1789 | Mutex: 1789 | URI: 1789 | URL: 10531 | YARA: 1789 | Domain: 120 | Hostname: 232 For complete list please visit https://apd.altervista.org/ * 308 Subscribers IOCs - 20221291350 IPv4 Indicator Inactive * Created 10 months ago * Modified 9 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4642 | FileHash-SHA256: 798 | FilePath: 1874 | Mutex: 1874 | URI: 1874 | URL: 11949 | YARA: 1874 | Domain: 183 | Hostname: 268 For complete list please visit https://apd.altervista.org/ * 307 Subscribers Azorult Malware Analysis, Overview by ANY.RUN IPv4 Indicator Inactive * Created 10 months ago * Modified 9 months ago by teja.batchu@sisainfosec.com * Public * TLP: White CVE: 1 | FileHash-MD5: 13 | FileHash-SHA1: 12 | FileHash-SHA256: 21 | URL: 1 | Domain: 17 | Hostname: 2 Azorult, a trojan that can steal banking information and cryptocurrency, has been identified by researchers as one of the world's most serious cyber-thieves, and now researchers are looking to track its movements. azorult, remote access, hermes, agent tesla, ave maria, warzone, danabot, july, trojan, azorult malware, azorult stealer, proofpoint, chthonic, october, a trojan, hawkeye, aurora, adwind, remcos * 12 Subscribers IOCs - 202112132041 IPv4 Indicator Inactive * Created 12 months ago * Modified 11 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4564 | FileHash-SHA256: 797 | FilePath: 1852 | Mutex: 1852 | URI: 1852 | URL: 12729 | YARA: 1852 | Domain: 142 | Hostname: 271 For complete list please visit https://apd.altervista.org/ * 311 Subscribers IOCs - 202112122015 IPv4 Indicator Inactive * Created 12 months ago * Modified 11 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4561 | FileHash-SHA256: 798 | FilePath: 1860 | Mutex: 1860 | URI: 1860 | URL: 13018 | YARA: 1860 | Domain: 130 | Hostname: 303 For complete list please visit https://apd.altervista.org/ * 311 Subscribers IOCs - 202112112041 IPv4 Indicator Inactive * Created 12 months ago * Modified 11 months ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4556 | FileHash-SHA256: 799 | FilePath: 1790 | Mutex: 1790 | URI: 1790 | URL: 13091 | YARA: 1790 | Domain: 126 | Hostname: 240 For complete list please visit https://apd.altervista.org/ * 309 Subscribers Hammertoss - Solarwinds Orion - Sunburst - - Solorigate Teardrop Raindrop IPv4 Indicator Inactive * Created 1 year ago * Modified 11 months ago by Kailula4 * Public * TLP: White CVE: 4 | FileHash-MD5: 1 | FileHash-SHA256: 3221 | URL: 11788 | Domain: 3328 | Hostname: 4110 Dnsowl.com, "thedoccloud" and "virtualdataserver" are among those who have contributed to the BBC News website's list of top 10 most interesting stories. Hammertoss, Solarwinds Orion, Sunburst, Digital College, Infor, Solorigate Teardrop Raindrop, disallowedcertstl.cab, WannaCry, Hammertoss - Solarwinds Orion - Sunburst - - Solorigate Teardrop * 269 Subscribers IOCs - 20211072234 IPv4 Indicator Inactive * Created 1 year ago * Modified 1 year ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4441 | FileHash-SHA256: 795 | FilePath: 1828 | Mutex: 1828 | URI: 1828 | URL: 9690 | YARA: 1828 | Domain: 155 | Hostname: 275 For complete list please visit https://apd.altervista.org/ * 308 Subscribers IOCs - 2021922145 IPv4 Indicator Inactive * Created 1 year ago * Modified 1 year ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 4407 | FileHash-SHA256: 800 | FilePath: 1795 | Mutex: 1795 | URI: 1795 | URL: 9952 | YARA: 1795 | Domain: 144 | Hostname: 230 For complete list please visit https://apd.altervista.org/ * 307 Subscribers IOCs - 20219171642 IPv4 Indicator Inactive * Created 1 year ago * Modified 1 year ago by AlessandroFiori * Public * TLP: Green CVE: 4 | FileHash-MD5: 278 | FileHash-SHA1: 4668 | FileHash-SHA256: 2535 | FilePath: 1849 | Mutex: 1849 | URI: 1849 | URL: 14544 | YARA: 1849 | Domain: 1538 | Hostname: 997 For complete list please visit https://apd.altervista.org/ * 312 Subscribers IOCs - 2021813219 IPv4 Indicator Inactive * Created 1 year ago * Modified 1 year ago by AlessandroFiori * Public * TLP: Green CVE: 1 | FileHash-MD5: 235 | FileHash-SHA1: 4488 | FileHash-SHA256: 14742 | FilePath: 1906 | Mutex: 1906 | URI: 1906 | URL: 25676 | YARA: 1906 | Domain: 1797 | Hostname: 1181 Complete dataset of IOCs from OSINT analysis: Includes generic attacks, botnets, specific target and specific Ransomware (LockBit) * 315 Subscribers SolarWinds, Orion, Sunburst, Hammertoss Analysis - Reprint IPv4 Indicator Inactive * Created 2 years ago * Modified 1 year ago by Kailula4 * Public * TLP: White CVE: 2 | FileHash-MD5: 261 | FileHash-SHA1: 260 | FileHash-SHA256: 3538 | URL: 7352 | Domain: 2153 | Hostname: 3008 Dnsowl.com, Dan.undeveloped, is the latest in a long line of sites to feature on the BBC World News website, which features the most interesting stories of the year. akamaitechnologies.com, Solarwinds, Orion, Emotet, Gootkit CnC, Hammertoss, Sunburst, Sunstrike.ru * 255 Subscribers IOCs - 2021472219 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3860 | FileHash-SHA256: 775 | FilePath: 1872 | Mutex: 1872 | URI: 1872 | URL: 7543 | YARA: 1872 | Domain: 166 | Hostname: 332 For complete list please visit https://apd.altervista.org/ * 310 Subscribers AZORult- Command-and-Control IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by Kailula4 * Public * TLP: White CVE: 1 | FileHash-MD5: 18 | FileHash-SHA1: 18 | FileHash-SHA256: 108 | URL: 559 | Domain: 144 | Hostname: 131 AZORult CnC * 253 Subscribers Agent Tesla - Malware Trends Tracker by ANY.RUN IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by bogart * Public * TLP: White CVE: 1 | FileHash-MD5: 15 | FileHash-SHA1: 15 | FileHash-SHA256: 22 | Hostname: 20 The Agent Tesla virus is a popular tool in the hacker community and is being sold by attackers who want to steal users’ passwords and other personal data, but who are willing to pay for it? agenttesla, sandboxie, agent tesla, tesla, amsi, c2 server, tor client, http, sophoslabs, ip address, amsiscanbuffer, agent telsa, smtp, code, virustotal, click, remote access, ave maria, warzone, danabot, email, network stream, official, website, discord server, turkey, windows, interactivity * 61 Subscribers IOCs - 20213102230 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3805 | FileHash-SHA256: 774 | FilePath: 1931 | Mutex: 1931 | URI: 1931 | URL: 9562 | YARA: 1931 | Domain: 144 | Hostname: 406 For complete list please visit https://apd.altervista.org/ * 307 Subscribers IOCs - 2021232339 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3736 | FileHash-SHA256: 776 | FilePath: 1856 | Mutex: 1856 | URI: 1856 | URL: 8393 | YARA: 1856 | Domain: 135 | Hostname: 326 For complete list please visit https://apd.altervista.org/ * 308 Subscribers Solarwinds Supply Chain Attack IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by carlosxr7 * Public * TLP: White FileHash-MD5: 39 | FileHash-SHA1: 49 | FileHash-SHA256: 53 | Domain: 22 | Hostname: 1726 On Sunday, December 13th, 2020, cybersecurity firm FireEye released a statement on a breach and data exfiltration campaign linked to an unattributed threat actor named "UNC2452," also tracked as Solarigate (Microsoft Defender), SolarStorm (Palo Alto Networks), and Dark Halo (Volexity). indicator * 101 Subscribers solarwinds-raindrop-malware IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by HemaTemenos * Public * TLP: White FileHash-MD5: 10 | FileHash-SHA1: 10 | FileHash-SHA256: 22 | Domain: 20 .. * 58 Subscribers Anomali Sunburst Threat Intelligence IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White FileHash-MD5: 31 | FileHash-SHA1: 41 | FileHash-SHA256: 47 | Domain: 22 | Hostname: 1726 https://www.anomali.com/learn/sunburst/download-actionable-sunburst-threat-intelligence indicator * 358 Subscribers IOCs - 20211503 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3685 | FileHash-SHA256: 775 | FilePath: 1867 | Mutex: 1867 | URI: 1867 | URL: 7723 | YARA: 1867 | Domain: 136 | Hostname: 335 For complete list please visit https://apd.altervista.org/ * 308 Subscribers phishstats-1-20201204-0917 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 355 Subscribers phishstats-1-20201203-0952 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 356 Subscribers phishstats-1-20201130-1136 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 355 Subscribers phishstats-1-20201130-0105 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 353 Subscribers phishstats-1-20201202-0956 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 354 Subscribers phishstats-1-20201202-0956 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 355 Subscribers phishstats-1-20201201-1725 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by ZENDataGE * Public * TLP: White Data from https://phishstats.info/phish_score.csv * 356 Subscribers IOCs - 20201042220 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3547 | FileHash-SHA256: 756 | FilePath: 1829 | Mutex: 1829 | URI: 1829 | URL: 18830 | YARA: 1829 | Domain: 148 | Hostname: 284 For complete list please visit https://apd.altervista.org/ * 310 Subscribers IOCs - 202096115 IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3544 | FileHash-SHA256: 753 | FilePath: 1908 | Mutex: 1908 | URI: 1908 | URL: 7846 | YARA: 1908 | Domain: 151 | Hostname: 353 For complete list please visit https://apd.altervista.org/ * 306 Subscribers https://instagram.com/veronica.muratori?igshid=1dqecfc0bo1fw IPv4 Indicator Inactive * Created 2 years ago by ivandraft44 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 49 Subscribers https://instagram.com/veronica.muratori?igshid=1dqecfc0bo1fw IPv4 Indicator Inactive * Created 2 years ago by ivandraft44 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 47 Subscribers https://instagram.com/veronica.muratori?igshid=1dqecfc0bo1fw IPv4 Indicator Inactive * Created 2 years ago by ivandraft44 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 46 Subscribers Blah IPv4 Indicator Inactive * Created 2 years ago * Modified 2 years ago by Jonwhalley73 * Public * TLP: Green FileHash-SHA256: 523 | FilePath: 1365 | Mutex: 1365 | URI: 1365 | URL: 818 | YARA: 1 | Domain: 83132 | Hostname: 24967 * 55 Subscribers Blah IPv4 Indicator Inactive * Created 2 years ago by Jonwhalley73 * Public * TLP: Green FileHash-SHA256: 523 | FilePath: 1365 | Mutex: 1365 | URI: 1365 | URL: 818 | YARA: 1 | Domain: 83133 | Hostname: 24967 * 48 Subscribers Blah IPv4 Indicator Inactive * Created 2 years ago by Jonwhalley73 * Public * TLP: Green FileHash-SHA256: 523 | FilePath: 1365 | Mutex: 1365 | URI: 1365 | URL: 818 | YARA: 1 | Domain: 83133 | Hostname: 24967 * 44 Subscribers IOCs - 20204222342 IPv4 Indicator Inactive * Created 3 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3136 | FileHash-SHA256: 668 | FilePath: 1724 | Mutex: 1724 | URI: 1724 | URL: 7345 | YARA: 1724 | Domain: 591 | Hostname: 2144 For complete list please visit https://apd.altervista.org/ * 309 Subscribers IOCs - 2020461246 IPv4 Indicator Inactive * Created 3 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 3099 | FileHash-SHA256: 620 | FilePath: 1614 | Mutex: 1614 | URI: 1614 | URL: 5323 | YARA: 1614 | Domain: 580 | Hostname: 2109 For complete list please visit https://apd.altervista.org/ * 306 Subscribers IOCs - 2020129238 - Huge Upload IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 For complete list please visit https://apd.altervista.org/ * 323 Subscribers Gacko IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by g2 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 42 Subscribers Gacko IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by g2 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 43 Subscribers Gacko IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by g2 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 46 Subscribers Gacko IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by g2 * Public * TLP: Green FileHash-SHA256: 561 | FilePath: 1466 | Mutex: 1466 | URI: 1466 | URL: 873 | YARA: 1466 | Domain: 77804 | Hostname: 20971 * 52 Subscribers IOCs - 20201292235 IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 2970 | FileHash-SHA256: 561 | FilePath: 1464 | Mutex: 1464 | URI: 1464 | URL: 7787 | YARA: 1464 | Domain: 570 | Hostname: 2079 For complete list please visit https://apd.altervista.org/ * 305 Subscribers IOCs - 20201222046 IPv4 Indicator Inactive * Created 3 years ago * Modified 3 years ago by AlessandroFiori * Public * TLP: Green FileHash-SHA1: 2970 | FileHash-SHA256: 544 | FilePath: 1420 | Mutex: 1420 | URI: 1420 | URL: 7236 | YARA: 1 | Domain: 595 | Hostname: 2045 For complete list please visit https://apd.altervista.org/ * 305 Subscribers COMMENTS You must be logged in to leave a comment. Refresh Comments * © Copyright 2022 AlienVault, Inc. * Legal * Status