Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
AI Analysis
Technical Summary
The threat titled 'Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)' refers to ongoing operations linked to the UNC4841 threat actor group in the aftermath of a zero-day vulnerability remediation in Barracuda Email Security Gateway (ESG) products. CVE-2023-2868 is a zero-day vulnerability that was exploited in the wild, allowing attackers to potentially compromise Barracuda ESG devices. Although the provided information does not specify technical details of the vulnerability or the exact nature of UNC4841's operations, it is known from external sources that UNC4841 is a threat actor group associated with targeted intrusion campaigns, often leveraging zero-day vulnerabilities to gain initial access or persistence. The lack of affected versions and patch links in the data suggests that this is an ongoing investigation or analysis rather than a fully disclosed vulnerability report. The threat level and analysis scores of '2' indicate a moderate concern, and the medium severity tag aligns with this. The absence of known exploits in the wild at the time of reporting may imply limited or controlled exploitation, but the association with a zero-day vulnerability in a widely used security appliance highlights the potential risk. Barracuda ESG devices are commonly deployed in enterprise environments for email security, making them attractive targets for attackers seeking to intercept or manipulate email traffic, gain footholds in networks, or conduct espionage. UNC4841's operations following the remediation suggest that the group may be adapting tactics or continuing campaigns despite the patch, possibly targeting unpatched systems or leveraging other attack vectors. The OSINT tags and the 50% certainty indicate that the information is based on open-source intelligence with moderate confidence, and the TLP white and clear markings mean the information is intended for broad sharing without restrictions.
Potential Impact
For European organizations, the potential impact of UNC4841 operations exploiting or targeting Barracuda ESG zero-day vulnerabilities is significant. Barracuda ESG appliances are widely used across various sectors including government, finance, healthcare, and critical infrastructure in Europe. Successful exploitation could lead to unauthorized access to sensitive email communications, enabling data exfiltration, espionage, or further network compromise. The integrity and confidentiality of email traffic could be severely affected, undermining trust in organizational communications and potentially leading to regulatory compliance violations under GDPR and other data protection frameworks. Additionally, attackers could leverage compromised ESG devices to deploy malware, conduct phishing campaigns, or establish persistent access, increasing the risk of ransomware or other disruptive attacks. The medium severity rating suggests that while the threat is not currently critical, the evolving nature of UNC4841 operations and the strategic importance of email security appliances warrant heightened vigilance. European organizations with delayed patching or legacy Barracuda ESG deployments are particularly at risk, as are those in sectors with high-value targets for espionage or cybercrime. The lack of known widespread exploitation does not preclude targeted attacks against high-value entities.
Mitigation Recommendations
European organizations should prioritize the following specific mitigation steps: 1) Immediate verification of Barracuda ESG appliance versions and application of any available patches or updates related to CVE-2023-2868. Even if no direct patch is available, follow vendor guidance for temporary mitigations or configuration changes to reduce exposure. 2) Conduct thorough network and endpoint monitoring for indicators of compromise associated with UNC4841, including unusual email gateway activity, unexpected outbound connections, or anomalous authentication attempts. 3) Implement strict network segmentation around email security appliances to limit lateral movement opportunities for attackers. 4) Enhance logging and alerting on Barracuda ESG devices to detect exploitation attempts or suspicious behavior promptly. 5) Review and tighten access controls and credentials related to ESG management interfaces, enforcing multi-factor authentication and least privilege principles. 6) Engage in threat intelligence sharing with industry peers and national cybersecurity centers to stay updated on UNC4841 tactics and emerging indicators. 7) Conduct targeted security awareness training for IT and security teams focusing on zero-day exploitation risks and incident response readiness. These measures go beyond generic advice by focusing on the specific context of Barracuda ESG appliances and the UNC4841 threat actor's operational patterns.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Belgium, Sweden, Poland, Austria
Indicators of Compromise
- vulnerability: CVE-2023-2868
- domain: xxl17z.dnslog.cn
- domain: mx01.bestfindthetruth.com
- domain: troublendsef.com
- domain: togetheroffway.com
- domain: singnode.com
- domain: singamofing.com
- domain: goldenunder.com
- domain: gesturefavour.com
- domain: fessionalwork.com
- domain: bestfindthetruth.com
- ip: 64.176.7.59
- ip: 64.176.4.234
- ip: 51.91.79.17
- ip: 45.154.253.154
- ip: 45.154.253.153
- ip: 45.148.16.46
- ip: 45.148.16.42
- ip: 38.60.254.165
- ip: 38.54.113.205
- ip: 38.54.1.82
- ip: 37.9.35.217
- ip: 23.224.78.134
- ip: 23.224.78.133
- ip: 23.224.78.132
- ip: 23.224.78.131
- ip: 23.224.78.130
- ip: 23.224.42.29
- ip: 216.238.112.82
- ip: 213.156.153.34
- ip: 199.247.23.80
- ip: 198.2.254.223
- ip: 198.2.254.222
- ip: 198.2.254.221
- ip: 198.2.254.220
- ip: 198.2.254.219
- ip: 195.234.82.132
- ip: 192.74.254.229
- ip: 192.74.226.142
- ip: 185.243.41.209
- ip: 182.239.114.254
- ip: 155.94.160.95
- ip: 139.84.227.9
- ip: 137.175.78.66
- ip: 137.175.60.253
- ip: 137.175.60.252
- ip: 137.175.53.218
- ip: 137.175.53.170
- ip: 137.175.53.17
- ip: 137.175.51.147
- ip: 137.175.30.86
- ip: 137.175.30.36
- ip: 137.175.28.251
- ip: 137.175.19.25
- ip: 113.52.106.3
- ip: 107.148.223.196
- ip: 107.148.219.55
- ip: 107.148.219.53
- ip: 107.148.219.227
- ip: 104.223.20.222
- ip: 103.93.78.142
- ip: 103.77.192.13
- ip: 103.27.108.62
- ip: 101.229.146.218
- hash: f289b565839794fe4f450ed0c9343b8fb699f97544d9af2a60851abc8b4656e0
- hash: caab341a35badbc65046bd02efa9ad2fe2671eb80ece0f2fa9cf70f5d7f4bedc
- hash: ca72fa64ed0a9c22d341a557c6e7c1b6a7264b0c4de0b6f717dd44bddf550bca
- hash: 9f04525835f998d454ed68cfc7fcb6b0907f2130ae6c6ab7495d41aa36ad8ccf
- hash: 9bb7addd96f99a29658aca9800b66046823c5ef0755e29012983db6f06a999cf
- hash: 949d4b01f31256e5e9c2b04e557dcca0a25fc2f6aa3618936befc7525e1df788
- hash: 8c5c8e7b3f8ab6651b906356535bf45992d6984d8ed8bd600a1a056a00e5afcb
- hash: 8849a3273e0362c45b4928375d196714224ec22cb1d2df5d029bf57349860347
- hash: 83ca636253fd1eb898b244855838e2281f257bbe8ead428b69528fc50b60ae9c
- hash: 601f44cc102ae5a113c0b5fe5d18350db8a24d780c0ff289880cc45de28e2b80
- hash: 56e8066bf83ff6fe0cec92aede90f6722260e0a3f169fc163ed88589bffd7451
- hash: 4028eadf4c27b4007930606551e3a32b2af23d746d5b866cc1c6587e7fd0d776
- hash: 3ff3250e07ad74fa419e4a8d6564357b22683d152cd8e9f106c8da3751ea9ff3
- hash: 3f26a13f023ad0dcd7f2aa4e7771bba74910ee227b4b36ff72edc5f07336f115
- hash: 2a5de691243f2b91f164c3021c157fbd783b4f3e7d5f5950182e52ec868cd40b
- hash: 1c6cad0ed66cf8fd438974e1eac0bc6dd9119f84892930cb71cb56a5e985f0a4
- hash: fda9dfa7b41a05c6ae32f71f2b31a5d56d7eca9b
- hash: dc5841d8ed9ab8a5f3496f2258eafb1e0cedf4d3
- hash: cf22082532d4d6387ea1c9bc4dc5b255aa7a0290
- hash: c71d363472d927cf13674e95b79d4d38b3fed754
- hash: c637a9ce65083b21c834e7a68bd1bc51b412fa11
- hash: 87df97d6214aecb5c395d84c3a35f359a90ad716
- hash: 77b1864c489affe0ac2284135050373951b7987e
- hash: 6505513ca06db10b17f6d4792c30a53733309231
- hash: 5ce46efc6b28bd94955138833dc97916957dbde1
- hash: 290e5cb4d32f97963bdc95ef2cc4b44a4de5666d
- hash: 254b6bcbc5f60e30c596c263b8a4f393badbf1aa
- hash: 1cca66cb1f4527eaffbcfeb2237922c93b332d64
- hash: 191e16b564c66b3db67f837e1dc5eac98ff9b9ef
- hash: 1903a3553bcb291579206b39e7818c77e2c07054
- hash: 10b621c5e07648bd7a7391e569aa62a510be82f4
- hash: 0ea36676bd7169bcbf432f721c4edb5fde0a46a9
- hash: ff005f1ff98ec1cd678785baa0386bd1
- hash: fe1e2d676c91f899b706682b70176983
- hash: fe031a93c84aa3d01e2223a6bb988fa0
- hash: f6857841a255b3b4e4eded7a66438696
- hash: f667939000c941e5b9dc91303c98b7fc
- hash: f5ab04a920302931a8bd063f27b745cc
- hash: ef00c92fa005c2f61ec23d5278a8fa25
- hash: ed648c366b6e564fc636c072bbcac907
- hash: ec0d46b2aa7adfdff10a671a77aeb2ae
- hash: e80a85250263d58cc1a1dc39d6cf3942
- hash: e68cd991777118d76e7bce163d8a2bc1
- hash: e52871d82de01b7e7f134c776703f696
- hash: e4e86c273a2b67a605f5d4686783e0cc
- hash: dde2d3347b76070fff14f6c0412f95ba
- hash: db4c48921537d67635bb210a9cb5bb52
- hash: da06e7c32f070a9bb96b720ef332b50b
- hash: d8e748b1b609d376f57343b2bde94b29
- hash: d81263e6872cc805e6cf4ca05d86df4e
- hash: d1392095086c07bd8d2ef174cb5f6ca8
- hash: d098fe9674b6b4cb540699c5eb452cb5
- hash: ce67bb99bc1e26f6cb1f968bc1b1ec21
- hash: cd2813f0260d63ad5adf0446253c2576
- hash: cd2813f0260d63ad5adf0446253c2172
- hash: cb0f7f216e8965f40a724bc15db7510b
- hash: c9ae8bfd08f57d955465f23a5f1c09a4
- hash: c979e8651c1f40d685be2f66e8c2c610
- hash: c7a89a215e74104682880def469d4758
- hash: c5c93ba36e079892c1123fe9dffd660f
- hash: c56d7b86e59c5c737ee7537d7cf13df1
- hash: c528b6398c86f8bdcfa3f9de7837ebfe
- hash: c2e577c71d591999ad5c581e49343093
- hash: bef722484288e24258dd33922b1a7148
- hash: ba7af4f98d85e5847c08cf6cefdf35dc
- hash: b860198feca7398bc79a8ec69afc65ed
- hash: b745626b36b841ed03eddfb08e6bb061
- hash: b601fce4181b275954e3f35b18996c92
- hash: b354111afc9c6c26c1475e761d347144
- hash: ad1dc51a66201689d442499f70b78dea
- hash: ac4fb6d0bfc871be6f68bfa647fc0125
- hash: a45ca19435c2976a29300128dc410fd4
- hash: a28de396aa91b7faca35e861b634c502
- hash: a08a99e5224e1baf569fda816c991045
- hash: 9bc6d6af590e7d94869dee1d33cc1cae
- hash: 9aa90d767ba0a3f057653aadcb75e579
- hash: 94b6f76da938ef855a91011f16252d59
- hash: 9033dc5bac76542b9b752064a56c6ee4
- hash: 8fdf3b7dc6d88594b8b5173c1aa2bc82
- hash: 8fc03800c1179a18fbd58d746596fa7d
- hash: 8f1c40bd3ab33d517839ca17591d8666
- hash: 881b7846f8384c12c7481b23011d8e45
- hash: 878cf1de91f3ae543fd290c31adcbda4
- hash: 87847445f9524671022d70f2a812728f
- hash: 85c5b6c408e4bdb87da6764a75008adf
- hash: 858174c8f4a45e9564382d4480831c6b
- hash: 8406f74ac2c57807735a9b86f61da9f9
- hash: 831d41ba2a0036540536c2f884d089f9
- hash: 830fca78440780aef448c862eee2a8ac
- hash: 82eaf69de710abdc5dea7cd5cb56cf04
- hash: 827d507aa3bde0ef903ca5dec60cdec8
- hash: 806250c466824a027e3e85461dc672db
- hash: 7ebd5f3e800dcd0510cfcbe2351d3838
- hash: 7d7fd05b262342a9e8237ce14ec41c3b
- hash: 76811232ede58de2faf6aca8395f8427
- hash: 724079649f690ca1ee80b8b3125b58b9
- hash: 6f79ef58b354fd33824c96625590c244
- hash: 69ef9a9e8d0506d957248e983d22b0d5
- hash: 694cdb49879f1321abb4605adf634935
- hash: 683acdb559bbc7fb64431d1f579a8104
- hash: 67a4556b021578e0a421fdc251f07e04
- hash: 666da297066a2596cacb13b3da9572bf
- hash: 64c690f175a2d2fe38d3d7c0d0ddbb6e
- hash: 61514ac639721a51e98c47f2ac3afe81
- hash: 5fdee67c82f5480edfa54afc5a9dc834
- hash: 5d6cba7909980a7b424b133fbac634ac
- hash: 5392fb400bd671d4b185fb35a9b23fd3
- hash: 4ec4ceda84c580054f191caa09916c68
- hash: 4cd0f3219e98ac2e9021b06af70ed643
- hash: 4ca4f582418b2cc0626700511a6315c0
- hash: 4c1c2db989e0e881232c7748593d291e
- hash: 4b511567cfa8dbaa32e11baf3268f074
- hash: 479315620c9a5a62a745ab586ba7b78c
- hash: 45b79949276c9cb9cf5dc72597dc1006
- hash: 4495cb72708f486b734de6b6c6402aba
- hash: 446f3d71591afa37bbd604e2e400ae8b
- hash: 436587bad5e061a7e594f9971d89c468
- hash: 42722b7d04f58dcb8bd80fe41c7ea09e
- hash: 407738e565b4e9dafb07b782ebcf46b0
- hash: 3e3f72f99062255d6320d5e686f0e212
- hash: 3c20617f089fe5cc9ba12c43c6c072f5
- hash: 3b93b524db66f8bb3df8279a141734bb
- hash: 35cf6faf442d325961935f660e2ab5a0
- hash: 35a432e40da597c7ab63ff16b09d19d8
- hash: 349ca242bc6d2652d84146f5f91c3dbb
- hash: 336c12441b7a678280562729c974a840
- hash: 32ffe48d1a8ced49c53033eb65eff6f3
- hash: 3273a29d15334efddd8276af53c317fb
- hash: 2e30520f8536a27dd59eabbcb8e3532a
- hash: 2d841cb153bebcfdee5c54472b017af2
- hash: 2ccb9759800154de817bf779a52d48f8
- hash: 23f4f604f1a05c4abf2ac02f976b746b
- ip: 45.63.76.67
- ip: 155.94.160.72
- ip: 107.173.62.158
- ip: 107.148.219.54
- ip: 104.156.229.226
- ip: 103.77.192.88
- ip: 103.146.179.101
- ip: 182.239.114.135
- ip: 107.148.149.156
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
Description
Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
AI-Powered Analysis
Technical Analysis
The threat titled 'Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)' refers to ongoing operations linked to the UNC4841 threat actor group in the aftermath of a zero-day vulnerability remediation in Barracuda Email Security Gateway (ESG) products. CVE-2023-2868 is a zero-day vulnerability that was exploited in the wild, allowing attackers to potentially compromise Barracuda ESG devices. Although the provided information does not specify technical details of the vulnerability or the exact nature of UNC4841's operations, it is known from external sources that UNC4841 is a threat actor group associated with targeted intrusion campaigns, often leveraging zero-day vulnerabilities to gain initial access or persistence. The lack of affected versions and patch links in the data suggests that this is an ongoing investigation or analysis rather than a fully disclosed vulnerability report. The threat level and analysis scores of '2' indicate a moderate concern, and the medium severity tag aligns with this. The absence of known exploits in the wild at the time of reporting may imply limited or controlled exploitation, but the association with a zero-day vulnerability in a widely used security appliance highlights the potential risk. Barracuda ESG devices are commonly deployed in enterprise environments for email security, making them attractive targets for attackers seeking to intercept or manipulate email traffic, gain footholds in networks, or conduct espionage. UNC4841's operations following the remediation suggest that the group may be adapting tactics or continuing campaigns despite the patch, possibly targeting unpatched systems or leveraging other attack vectors. The OSINT tags and the 50% certainty indicate that the information is based on open-source intelligence with moderate confidence, and the TLP white and clear markings mean the information is intended for broad sharing without restrictions.
Potential Impact
For European organizations, the potential impact of UNC4841 operations exploiting or targeting Barracuda ESG zero-day vulnerabilities is significant. Barracuda ESG appliances are widely used across various sectors including government, finance, healthcare, and critical infrastructure in Europe. Successful exploitation could lead to unauthorized access to sensitive email communications, enabling data exfiltration, espionage, or further network compromise. The integrity and confidentiality of email traffic could be severely affected, undermining trust in organizational communications and potentially leading to regulatory compliance violations under GDPR and other data protection frameworks. Additionally, attackers could leverage compromised ESG devices to deploy malware, conduct phishing campaigns, or establish persistent access, increasing the risk of ransomware or other disruptive attacks. The medium severity rating suggests that while the threat is not currently critical, the evolving nature of UNC4841 operations and the strategic importance of email security appliances warrant heightened vigilance. European organizations with delayed patching or legacy Barracuda ESG deployments are particularly at risk, as are those in sectors with high-value targets for espionage or cybercrime. The lack of known widespread exploitation does not preclude targeted attacks against high-value entities.
Mitigation Recommendations
European organizations should prioritize the following specific mitigation steps: 1) Immediate verification of Barracuda ESG appliance versions and application of any available patches or updates related to CVE-2023-2868. Even if no direct patch is available, follow vendor guidance for temporary mitigations or configuration changes to reduce exposure. 2) Conduct thorough network and endpoint monitoring for indicators of compromise associated with UNC4841, including unusual email gateway activity, unexpected outbound connections, or anomalous authentication attempts. 3) Implement strict network segmentation around email security appliances to limit lateral movement opportunities for attackers. 4) Enhance logging and alerting on Barracuda ESG devices to detect exploitation attempts or suspicious behavior promptly. 5) Review and tighten access controls and credentials related to ESG management interfaces, enforcing multi-factor authentication and least privilege principles. 6) Engage in threat intelligence sharing with industry peers and national cybersecurity centers to stay updated on UNC4841 tactics and emerging indicators. 7) Conduct targeted security awareness training for IT and security teams focusing on zero-day exploitation risks and incident response readiness. These measures go beyond generic advice by focusing on the specific context of Barracuda ESG appliances and the UNC4841 threat actor's operational patterns.
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Threat Level
- 2
- Analysis
- 2
Indicators of Compromise
Vulnerability
| Value | Description | Copy |
|---|---|---|
vulnerabilityCVE-2023-2868 | — |
Domain
| Value | Description | Copy |
|---|---|---|
domainxxl17z.dnslog.cn | — | |
domainmx01.bestfindthetruth.com | — | |
domaintroublendsef.com | — | |
domaintogetheroffway.com | — | |
domainsingnode.com | — | |
domainsingamofing.com | — | |
domaingoldenunder.com | — | |
domaingesturefavour.com | — | |
domainfessionalwork.com | — | |
domainbestfindthetruth.com | — |
Ip
| Value | Description | Copy |
|---|---|---|
ip64.176.7.59 | — | |
ip64.176.4.234 | — | |
ip51.91.79.17 | — | |
ip45.154.253.154 | — | |
ip45.154.253.153 | — | |
ip45.148.16.46 | — | |
ip45.148.16.42 | — | |
ip38.60.254.165 | — | |
ip38.54.113.205 | — | |
ip38.54.1.82 | — | |
ip37.9.35.217 | — | |
ip23.224.78.134 | — | |
ip23.224.78.133 | — | |
ip23.224.78.132 | — | |
ip23.224.78.131 | — | |
ip23.224.78.130 | — | |
ip23.224.42.29 | — | |
ip216.238.112.82 | — | |
ip213.156.153.34 | — | |
ip199.247.23.80 | — | |
ip198.2.254.223 | — | |
ip198.2.254.222 | — | |
ip198.2.254.221 | — | |
ip198.2.254.220 | — | |
ip198.2.254.219 | — | |
ip195.234.82.132 | — | |
ip192.74.254.229 | — | |
ip192.74.226.142 | — | |
ip185.243.41.209 | — | |
ip182.239.114.254 | — | |
ip155.94.160.95 | — | |
ip139.84.227.9 | — | |
ip137.175.78.66 | — | |
ip137.175.60.253 | — | |
ip137.175.60.252 | — | |
ip137.175.53.218 | — | |
ip137.175.53.170 | — | |
ip137.175.53.17 | — | |
ip137.175.51.147 | — | |
ip137.175.30.86 | — | |
ip137.175.30.36 | — | |
ip137.175.28.251 | — | |
ip137.175.19.25 | — | |
ip113.52.106.3 | — | |
ip107.148.223.196 | — | |
ip107.148.219.55 | — | |
ip107.148.219.53 | — | |
ip107.148.219.227 | — | |
ip104.223.20.222 | — | |
ip103.93.78.142 | — | |
ip103.77.192.13 | — | |
ip103.27.108.62 | — | |
ip101.229.146.218 | — | |
ip45.63.76.67 | Scanning host | |
ip155.94.160.72 | Scanning host | |
ip107.173.62.158 | Scanning host | |
ip107.148.219.54 | Scanning host | |
ip104.156.229.226 | Scanning host | |
ip103.77.192.88 | Scanning host | |
ip103.146.179.101 | Scanning host | |
ip182.239.114.135 | Scanning host | |
ip107.148.149.156 | Scanning host |
Hash
| Value | Description | Copy |
|---|---|---|
hashf289b565839794fe4f450ed0c9343b8fb699f97544d9af2a60851abc8b4656e0 | — | |
hashcaab341a35badbc65046bd02efa9ad2fe2671eb80ece0f2fa9cf70f5d7f4bedc | — | |
hashca72fa64ed0a9c22d341a557c6e7c1b6a7264b0c4de0b6f717dd44bddf550bca | — | |
hash9f04525835f998d454ed68cfc7fcb6b0907f2130ae6c6ab7495d41aa36ad8ccf | — | |
hash9bb7addd96f99a29658aca9800b66046823c5ef0755e29012983db6f06a999cf | — | |
hash949d4b01f31256e5e9c2b04e557dcca0a25fc2f6aa3618936befc7525e1df788 | — | |
hash8c5c8e7b3f8ab6651b906356535bf45992d6984d8ed8bd600a1a056a00e5afcb | — | |
hash8849a3273e0362c45b4928375d196714224ec22cb1d2df5d029bf57349860347 | — | |
hash83ca636253fd1eb898b244855838e2281f257bbe8ead428b69528fc50b60ae9c | — | |
hash601f44cc102ae5a113c0b5fe5d18350db8a24d780c0ff289880cc45de28e2b80 | — | |
hash56e8066bf83ff6fe0cec92aede90f6722260e0a3f169fc163ed88589bffd7451 | — | |
hash4028eadf4c27b4007930606551e3a32b2af23d746d5b866cc1c6587e7fd0d776 | — | |
hash3ff3250e07ad74fa419e4a8d6564357b22683d152cd8e9f106c8da3751ea9ff3 | — | |
hash3f26a13f023ad0dcd7f2aa4e7771bba74910ee227b4b36ff72edc5f07336f115 | — | |
hash2a5de691243f2b91f164c3021c157fbd783b4f3e7d5f5950182e52ec868cd40b | — | |
hash1c6cad0ed66cf8fd438974e1eac0bc6dd9119f84892930cb71cb56a5e985f0a4 | — | |
hashfda9dfa7b41a05c6ae32f71f2b31a5d56d7eca9b | — | |
hashdc5841d8ed9ab8a5f3496f2258eafb1e0cedf4d3 | — | |
hashcf22082532d4d6387ea1c9bc4dc5b255aa7a0290 | — | |
hashc71d363472d927cf13674e95b79d4d38b3fed754 | — | |
hashc637a9ce65083b21c834e7a68bd1bc51b412fa11 | — | |
hash87df97d6214aecb5c395d84c3a35f359a90ad716 | — | |
hash77b1864c489affe0ac2284135050373951b7987e | — | |
hash6505513ca06db10b17f6d4792c30a53733309231 | — | |
hash5ce46efc6b28bd94955138833dc97916957dbde1 | — | |
hash290e5cb4d32f97963bdc95ef2cc4b44a4de5666d | — | |
hash254b6bcbc5f60e30c596c263b8a4f393badbf1aa | — | |
hash1cca66cb1f4527eaffbcfeb2237922c93b332d64 | — | |
hash191e16b564c66b3db67f837e1dc5eac98ff9b9ef | — | |
hash1903a3553bcb291579206b39e7818c77e2c07054 | — | |
hash10b621c5e07648bd7a7391e569aa62a510be82f4 | — | |
hash0ea36676bd7169bcbf432f721c4edb5fde0a46a9 | — | |
hashff005f1ff98ec1cd678785baa0386bd1 | — | |
hashfe1e2d676c91f899b706682b70176983 | — | |
hashfe031a93c84aa3d01e2223a6bb988fa0 | — | |
hashf6857841a255b3b4e4eded7a66438696 | — | |
hashf667939000c941e5b9dc91303c98b7fc | — | |
hashf5ab04a920302931a8bd063f27b745cc | — | |
hashef00c92fa005c2f61ec23d5278a8fa25 | — | |
hashed648c366b6e564fc636c072bbcac907 | — | |
hashec0d46b2aa7adfdff10a671a77aeb2ae | — | |
hashe80a85250263d58cc1a1dc39d6cf3942 | — | |
hashe68cd991777118d76e7bce163d8a2bc1 | — | |
hashe52871d82de01b7e7f134c776703f696 | — | |
hashe4e86c273a2b67a605f5d4686783e0cc | — | |
hashdde2d3347b76070fff14f6c0412f95ba | — | |
hashdb4c48921537d67635bb210a9cb5bb52 | — | |
hashda06e7c32f070a9bb96b720ef332b50b | — | |
hashd8e748b1b609d376f57343b2bde94b29 | — | |
hashd81263e6872cc805e6cf4ca05d86df4e | — | |
hashd1392095086c07bd8d2ef174cb5f6ca8 | — | |
hashd098fe9674b6b4cb540699c5eb452cb5 | — | |
hashce67bb99bc1e26f6cb1f968bc1b1ec21 | — | |
hashcd2813f0260d63ad5adf0446253c2576 | — | |
hashcd2813f0260d63ad5adf0446253c2172 | — | |
hashcb0f7f216e8965f40a724bc15db7510b | — | |
hashc9ae8bfd08f57d955465f23a5f1c09a4 | — | |
hashc979e8651c1f40d685be2f66e8c2c610 | — | |
hashc7a89a215e74104682880def469d4758 | — | |
hashc5c93ba36e079892c1123fe9dffd660f | — | |
hashc56d7b86e59c5c737ee7537d7cf13df1 | — | |
hashc528b6398c86f8bdcfa3f9de7837ebfe | — | |
hashc2e577c71d591999ad5c581e49343093 | — | |
hashbef722484288e24258dd33922b1a7148 | — | |
hashba7af4f98d85e5847c08cf6cefdf35dc | — | |
hashb860198feca7398bc79a8ec69afc65ed | — | |
hashb745626b36b841ed03eddfb08e6bb061 | — | |
hashb601fce4181b275954e3f35b18996c92 | — | |
hashb354111afc9c6c26c1475e761d347144 | — | |
hashad1dc51a66201689d442499f70b78dea | — | |
hashac4fb6d0bfc871be6f68bfa647fc0125 | — | |
hasha45ca19435c2976a29300128dc410fd4 | — | |
hasha28de396aa91b7faca35e861b634c502 | — | |
hasha08a99e5224e1baf569fda816c991045 | — | |
hash9bc6d6af590e7d94869dee1d33cc1cae | — | |
hash9aa90d767ba0a3f057653aadcb75e579 | — | |
hash94b6f76da938ef855a91011f16252d59 | — | |
hash9033dc5bac76542b9b752064a56c6ee4 | — | |
hash8fdf3b7dc6d88594b8b5173c1aa2bc82 | — | |
hash8fc03800c1179a18fbd58d746596fa7d | — | |
hash8f1c40bd3ab33d517839ca17591d8666 | — | |
hash881b7846f8384c12c7481b23011d8e45 | — | |
hash878cf1de91f3ae543fd290c31adcbda4 | — | |
hash87847445f9524671022d70f2a812728f | — | |
hash85c5b6c408e4bdb87da6764a75008adf | — | |
hash858174c8f4a45e9564382d4480831c6b | — | |
hash8406f74ac2c57807735a9b86f61da9f9 | — | |
hash831d41ba2a0036540536c2f884d089f9 | — | |
hash830fca78440780aef448c862eee2a8ac | — | |
hash82eaf69de710abdc5dea7cd5cb56cf04 | — | |
hash827d507aa3bde0ef903ca5dec60cdec8 | — | |
hash806250c466824a027e3e85461dc672db | — | |
hash7ebd5f3e800dcd0510cfcbe2351d3838 | — | |
hash7d7fd05b262342a9e8237ce14ec41c3b | — | |
hash76811232ede58de2faf6aca8395f8427 | — | |
hash724079649f690ca1ee80b8b3125b58b9 | — | |
hash6f79ef58b354fd33824c96625590c244 | — | |
hash69ef9a9e8d0506d957248e983d22b0d5 | — | |
hash694cdb49879f1321abb4605adf634935 | — | |
hash683acdb559bbc7fb64431d1f579a8104 | — | |
hash67a4556b021578e0a421fdc251f07e04 | — | |
hash666da297066a2596cacb13b3da9572bf | — | |
hash64c690f175a2d2fe38d3d7c0d0ddbb6e | — | |
hash61514ac639721a51e98c47f2ac3afe81 | — | |
hash5fdee67c82f5480edfa54afc5a9dc834 | — | |
hash5d6cba7909980a7b424b133fbac634ac | — | |
hash5392fb400bd671d4b185fb35a9b23fd3 | — | |
hash4ec4ceda84c580054f191caa09916c68 | — | |
hash4cd0f3219e98ac2e9021b06af70ed643 | — | |
hash4ca4f582418b2cc0626700511a6315c0 | — | |
hash4c1c2db989e0e881232c7748593d291e | — | |
hash4b511567cfa8dbaa32e11baf3268f074 | — | |
hash479315620c9a5a62a745ab586ba7b78c | — | |
hash45b79949276c9cb9cf5dc72597dc1006 | — | |
hash4495cb72708f486b734de6b6c6402aba | — | |
hash446f3d71591afa37bbd604e2e400ae8b | — | |
hash436587bad5e061a7e594f9971d89c468 | — | |
hash42722b7d04f58dcb8bd80fe41c7ea09e | — | |
hash407738e565b4e9dafb07b782ebcf46b0 | — | |
hash3e3f72f99062255d6320d5e686f0e212 | — | |
hash3c20617f089fe5cc9ba12c43c6c072f5 | — | |
hash3b93b524db66f8bb3df8279a141734bb | — | |
hash35cf6faf442d325961935f660e2ab5a0 | — | |
hash35a432e40da597c7ab63ff16b09d19d8 | — | |
hash349ca242bc6d2652d84146f5f91c3dbb | — | |
hash336c12441b7a678280562729c974a840 | — | |
hash32ffe48d1a8ced49c53033eb65eff6f3 | — | |
hash3273a29d15334efddd8276af53c317fb | — | |
hash2e30520f8536a27dd59eabbcb8e3532a | — | |
hash2d841cb153bebcfdee5c54472b017af2 | — | |
hash2ccb9759800154de817bf779a52d48f8 | — | |
hash23f4f604f1a05c4abf2ac02f976b746b | — |
Threat ID: 6828eab8e1a0c275ea6e26fc
Added to database: 5/17/2025, 7:59:52 PM
Last enriched: 6/16/2025, 8:05:51 PM
Last updated: 9/27/2025, 8:15:59 AM
Views: 29
Related Threats
Actions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.