top of page
New Updates to ValleyRAT | ThreatLabz
C45-2024-06-11-9
Indicators of Compromise (IOC) List
Indicator of Compromise (IOC) | Date Published | IOC Type |
|---|---|---|
HKEY_CURRENT_USER\\Console\u003c | 11/06/2024 | Win_Registry |
43.132.212.111 | 11/06/2024 | IPv4 |
HKEY_CURRENT_USER\Console\0 and querying for the value with the name d33f351a4aeea5e608853d1a56661059. If the size of the value is greater than 0xA44 | 11/06/2024 | Win_Registry |
6.6.6.6 | 11/06/2024 | IPv4 |
d33f351a4aeea5e608853d1a56661059 | 11/06/2024 | MD5 |
124.156.134.223 | 11/06/2024 | IPv4 |
HKEY_CURRENT_USER\Console.0xC9Retrieve the name of the foreground window and last input time.Table 3 | 11/06/2024 | Win_Registry |
HKEY_CURRENT_USER\Console.0x65Delete the value named | 11/06/2024 | Win_Registry |
C563f62191ea363259939a6b3ce7f192 | 11/06/2024 | MD5 |
17.200.101.33 | 11/06/2024 | IPv4 |
43.129.233.146 | 11/06/2024 | IPv4 |
43.132.235.4 | 11/06/2024 | IPv4 |
HKEY_CURRENT_USER\Console\0.The embedded DLL is subsequently loaded into memory and executed | 11/06/2024 | Win_Registry |
119.28.32.143 | 11/06/2024 | IPv4 |
HKEY_CURRENT_USER\\Console\\0\u003c | 11/06/2024 | Win_Registry |
mprajapati@zscaler.com | 11/06/2024 | Email_ID |
127.0.0.1 | 11/06/2024 | IPv4 |
mirfanva@zscaler.com | 11/06/2024 | Email_ID |
101.33.117.200 | 11/06/2024 | IPv4 |
43.129.233.99 | 11/06/2024 | IPv4 |
8.8.8.8 | 11/06/2024 | IPv4 |
119.28.41.143 | 11/06/2024 | IPv4 |
bottom of page