| Sample Hash | File Type | VMRay Platform Report | STIX 2.1 Report (JSON) | IOCs |
|---|---|---|---|---|
| 3c981da1aae9809f83d2516ead1df45fc27403bad738f8424c61bc97e0037cff | DOC | View the Report | STIX 2.1 | https://dukeenergyltd[.]top/blese[.]doc https://dukeenergyltd[.]top/blese[.]scr https://dukeenergyltd[.]top http://antfly50[.]sytes[.]net 80[.]85[.]154[.]121 |
| c8752c52764d7a7a3d3e6f4a40ea66642c56ccba561144e454d04abd40877947 | VBS | View the Report | STIX 2.1 | http://janbours92harbu02[.]duckdns[.]org http://janbours92harbu03[.]duckdns[.]org http://94[.]156[.]79[.]86/LGgSgwOVjO73[.]bin 94[.]156[.]79[.]86 |
| cffe61d5caaec713309315a0dcf0889a2cdb0632d0be87a6e7ce7bcce338e881 | EXE | View the Report | STIX 2.1 | http://147[.]124[.]216[.]2 |
| 7561a5c626310483b34f53a89626636902f32337022230e27c1b26277d87e189 | VBS | View the Report | STIX 2.1 | http://ecox[.]pt//IpAzT48[.]bin https://ecox[.]pt/Jostlin[.]ttf http://85[.]209[.]176[.]69 http://iwarsut775laudrye2[.]duckdns[.]org |
| f321f4d45eeffbbacdb7f397f03f56271d9559a627944eadc84f94cdd6ed91dd | XLS | View the Report | STIX 2.1 | 172[.]234[.]221[.]211 172[.]67[.]215[.]45 194[.]187[.]251[.]115 sembe[.]duckdns[.]org |
| 98d535788e6259e120304b34b5029e369ef3f49c37179ecf5d1734194b4d94ec | RTF | View the Report | STIX 2.1 | 172[.]235[.]39[.]109 188[.]114[.]97[.]3 94[.]156[.]66[.]67 |
| 74dc5d197a2fdc1637b6b677a82016afa583019ec50c0b278e7f23c2eae57e98 | EXE | View the Report | STIX 2.1 | http://23[.]95[.]60[.]82 |
| 721c9d4f52aa4e1a46a73887e0372146e8a4575e3f74250a596ddb3344a86bb9 | BAT | View the Report | STIX 2.1 | jaztc[.]duckdns[.]org 192[.]3[.]216[.]131 |
| 079d48da3d7da106fedad2995177621cee30b7adc0a63be98bedcb2cb4b93c7f | XLS | View the Report | STIX 2.1 | deroploo[.]duckdns[.]org 172[.]234[.]239[.]209 172[.]67[.]215[.]45 |
| bdafecb1d827ba690992e209228370e6601616dd0419c94931b3448f06912ae1 | EXE | View the Report | STIX 2.1 | ramcourse[.]duckdns[.]org |
