Threat Roundup for May 8 to May 15
C45-2020-05-16-5
Indicators of Compromise (IOC) List
Indicator of Compromise (IOC) | Date Published | IOC Type |
|---|---|---|
HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\AUTHROOT\CERTIFICATES\75E0ABB6138512271C04F85FDDDE38E4B7242EFE
Value Name | 16/05/2020 | Win_Registry |
75E0ABB6138512271C04F85FDDDE38E4B7242EFE | 16/05/2020 | SHA-1 |
HKCU\ENVIRONMENT
Value Name | 16/05/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\IPHLPSVC
Value Name | 16/05/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\BROWSER
Value Name | 16/05/2020 | Win_Registry |
HKU\S-1-5-21-2580483871-590521980-3826313501-500
Value Name | 16/05/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\NETWORKLIST\SIGNATURES\UNMANAGED\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198
1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\NETWORKLIST\PROFILES | 16/05/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CD BURNING\DRIVES\VOLUME | 16/05/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\YPTEV3IJTX
Value Name | 16/05/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\MPSSVC
Value Name | 16/05/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS
Value Name | 16/05/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\POLICYAGENT
Value Name | 16/05/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPLETS\SYSTRAY
Value Name | 16/05/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER
Value Name | 16/05/2020 | Win_Registry |
HKLM\SYSTEM\CONTROLSET001\SERVICES\SHAREDACCESS\EPOCH
13
IP Addresses contacted by malware. Does not indicate maliciousness | 16/05/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN
Value Name | 16/05/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\REMOTE DESKTOP\CTLS
1
HKLM\SYSTEM\CONTROLSET001\CONTROL\TERMINAL SERVER\RCM\SECRETS
1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\YPTEV3IJTX
1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SPECIALACCOUNTS\USERLIST
Value Name | 16/05/2020 | Win_Registry |
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Value Name | 16/05/2020 | Win_Registry |
A98230FC57000FFB40A201C3AAB2A245 | 16/05/2020 | MD5 |
0f210b532df043a6b654d5b43088f74f | 16/05/2020 | MD5 |
HKCU\SOFTWARE\A98230FC57000FFB40A201C3AAB2A245
Value Name | 16/05/2020 | Win_Registry |
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
Value Name | 16/05/2020 | Win_Registry |

