CyberThreatIntel/Russia/Cybercriminal group/FIN7/16-10-19/IOC-FIN7-16-10-19.json

[
    {
        "Indicator":  "order.xlsb",
        "Description":  "2ba6709be053eb456c7fbe0c7e19196fefc7fe93afaea1e008c417aa6faeeeb3"
    },
    {
        "Indicator":  "umyhpakixg.txt",
        "Description":  "980b6ec3e3fc3d25af8273e8c85142c551875a472cc900e427b9c4cb87e59d39"
    },
    {
        "Indicator":  "e5ac4108d02499fbdb8e04aa8c42c3dd40cc6be02b4ceb12145075c8bd32b790.xls",
        "Description":  "e5ac4108d02499fbdb8e04aa8c42c3dd40cc6be02b4ceb12145075c8bd32b790"
    },
    {
        "Indicator":  "moviedvdpower.com",
        "Description":  "Domain requested"
    },
    {
        "Indicator":  "31.3.232.105",
        "Description":  "IP requested"
    },
    {
        "Indicator":  "185.231.153.21",
        "Description":  "IP C2"
    },
    {
        "Indicator":  "catering_list.xls",
        "Description":  "73d0b3cdff094bac4f965972a89872a11d60c5a58c0be9652d482808fa6d236e"
    },
    {
        "Indicator":  "wcykafy.exe",
        "Description":  "bd7b57a9303f0156e0737e9768a70f841b222a3e07e1426ecccfffdf2737bfe9"
    },
    {
        "Indicator":  "moviedvdpower.com",
        "Description":  "Domain C2"
    },
    {
        "Indicator":  "31.3.232.105",
        "Description":  "IP C2"
    },
    {
        "Indicator":  "8dd588a49d4e2c20a2c97f3726c0d2d85c5f6d402206c1f6dd2b33aea58565fc.exe",
        "Description":  "8dd588a49d4e2c20a2c97f3726c0d2d85c5f6d402206c1f6dd2b33aea58565fc"
    },
    {
        "Indicator":  "8773aeb53d9034dc8de339651e61d8d6ae0a895c4c89b670d501db8dc60cd2d0.dll",
        "Description":  "8773aeb53d9034dc8de339651e61d8d6ae0a895c4c89b670d501db8dc60cd2d0"
    },
    {
        "Indicator":  "DWrite.dll",
        "Description":  "18cc54e2fbdad5a317b6aeb2e7db3973cc5ffb01bbf810869d79e9cb3bf02bd5"
    },
    {
        "Indicator":  "Malware.doc",
        "Description":  "ee0cb9e6de83f807ccf9c3a02b384c1fb6e59f7de720f1eaf37141bf0487f5e6"
    },
    {
        "Indicator":  "Screenshot + payment.doc",
        "Description":  "75a75224e81423663dd66ce20f845a58d523b0948c9d5cf135d599324512103e"
    },
    {
        "Indicator":  "doc1.doc",
        "Description":  "860a5e83c509ec6615a722cd62ba47a506f115743eeb03cc94b3d2b03cc0ecc0"
    }
]