Smoking Out a DARKSIDE Affiliate's Supply Chain Software ...

C45-2021-06-17-8

Indicators of Compromise (IOC) List
