{ "c07fd9e7-6483-488a-b49f-71e0c6c300a4": { "event_id": 13050, "created_at": "2022-05-31T13:33:28.675648+00:00", "updated_at": "2022-06-01T12:50:54.108221+00:00", "name": "Kinsing malware ELF miner tramite CVE-2022-29464", "description": "", "subject": null, "tlp": "0", "campaign_type": "malware", "method": "attached", "country": "italy", "file_type": [], "theme": null, "malware": "Kinsing", "phishing": null, "via": "email", "tag": [], "ioc_list": { "md5": [ "ff1706b37fea16d75b739a5396d9ffba", "2c44b4e4706b8bd95d1866d7867efa0e", "681dec001b347201ccecdc5a6429927d", "6c227bcc3a17a3c1b9d97ec8e3f3dbd8" ], "sha1": [ "e545ceffc8948e3ca9900212807cf3a862d33581", "6dbf019838262916e081bb1a42da778cd95e74b2", "a077fecb7d8f0d78fa6497f1da99a673f1c91455", "e84c7038dd92492e48b70ddbb26c12a9d77fd7bc" ], "sha256": [ "2e377087d0d2cb90b631ab0543f60d3d5d56db8af858cf625e7a9a26c8726585", "5d2530b809fd069f97b30a5938d471dd2145341b5793a70656aad6045445cf6d", "2f5c3fbc03ddec01451e092dc4511adc41a2d45bc5c4b595d86a66c15e3eb8d1", "7d31843ce5231c95ce07a609cb4473fe53b95a8d0685df9d666de348d17c69ff" ], "imphash": [], "domain": [ "dark-utilities.xyz" ], "url": [ "http://185.14.30.35/kinsing2", "https://dark-utilities.xyz/api/v1/payloads/tcp-client" ], "ipv4": [ "185.193.127.115", "207.38.87.6", "185.181.10.234", "45.137.151.106", "88.99.242.92", "146.71.79.230", "111.90.159.106", "34.81.218.76", "37.59.44.193", "192.236.161.6", "122.51.164.83", "185.191.32.198", "42.112.28.216", "45.136.244.146", "94.23.23.52", "185.14.30.35", "31.210.20.181", "3.215.110.66", "80.211.206.105", "91.241.19.134", "108.174.197.76" ], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }