TLP:WHITE | 124 IOCs
10 Things I Hate About Attribution: RomCom vs. TransferLoader
Diamond Model: Adversary (1), Infrastructure (6), Capability, Victim
Indicators of Compromise