last update data : 04/08/2025 18:48 WIB

IPs:
143[.]47[.]53[.]106,
130[.]51[.]20[.]126,
199[.]232[.]214[.]172,
199[.]232[.]210[.]172

Domains:
targetsname-sso[.]com
targetsname-servicedesk[.]com
targetsname-okta[.]com
targetsname-cms[.]com
targetsname-helpdesk[.]com
oktalogin-targetcompany[.]com

Tools:
Fleetdeck.io
Level.io
Mimikatz
Ngrok
Pulseway
Screenconnect
Splashtop
Tactical.RMM
Tailscale
TeamViewer
Teleport.sh
AnyDesk
Teleport.sh

Malwares:
AveMaria
Raccoon Stealer 
VIDAR Stealer
RattyRAT
DragonForce Ransomware

SHA256 Hash:
a1c2861a68b2a4d62b6fbfc7534f498cefe5f92f720466d24ae1b66ebc9f5731,
d20d14792c91107f53318ff7df83b9cd98acd3c394959a74e72278682822b600,
9184ff2cdd05fcaf111db23123479c845b2ece2fedccc2524b2de592f9980876,
5f897fec78e2fd812eb3bc451222e64480a9d5bc97b746cc0468698a63470880,
6153c80b17cb990caad1d80cac72c867d4ecfa1a84b7ab286b7373cd4168794e,
469b8911fd1ae2ded8532a50e9e66b8d54820c18ccdba49d7a38850d6af54475,
af8b6ac45918bc87d2a164fae888dab6e623327cba7c2409e4d0ef1dde8d1793,
1aed62a63b4802e599bbd33162319129501d603cceeb5e1eb22fd4733b3018a3,
9165d4f3036919a96b86d24b64d75d692802c7513f2b3054b20be40c212240a5,
bfc2ef3b404294fe2fa05a8b71c7f786b58519175b7202a69fe30f45e607ff1c

MD5 Hash:
97B70E89B5313612A9E7A339EE82AB67,
A50637F5F7A3E462135C0AE7C7AF0D91,
BB7C575E798FF5243B5014777253635D,
C111476F7B394776B515249ECB6B20E6,