55 IOCs found related to "Exploring the Latest Mispadu Stealer Variant"

Important:

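Summary:
Unit 42 researchers have found stealthy activity using Mispadu Stealer, which was first discovered in 2019. While hunting for the SmartScreen CVE-2023-36025 vulnerability, they found an infostealer family that targets specific regions and URLs associated with Mexican citizens, along with a new variant of Mispadu Stealer. Palo Alto Networks customers are protected against this threat through Cortex XDR and WildFire malware analysis.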

Exploring the Latest Mispadu Stealer Variant:
https://unit42.paloaltonetworks.com/mispadu-infostealer-variant/