Inside the Rabbit Hole: 47 IOCs Found Related to BunnyLoader 3.0 Unveiled

Important:

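Summary:
This article focuses on an overview of BunnyLoader 3.0 and historical observations of it. BunnyLoader is dynamically evolving malware that steals information, credentials, and cryptocurrency. Additional features were added in updates from September to October 2023, including bug fixes, antivirus evasion, multiple data recovery functions, and keylogger functionality.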

Inside the Rabbit Hole: BunnyLoader 3.0 Unveiled:
https://unit42.paloaltonetworks.com/analysis-of-bunnyloader-malware/
