{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":167027398,"defaultBranch":"master","name":"IoCs","ownerLogin":"sophoslabs","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2019-01-22T16:27:45.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/40878494?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1712689570.0","currentOid":""},"activityList":{"items":[{"before":"01fb8f521cb609b707433a74b1996a886a0dc30c","after":"a5cfd3d7fa6385c0068b04e11a6aab5a7ea7cb1b","ref":"refs/heads/master","pushedAt":"2024-04-26T16:41:15.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Add files via upload\n\nThis is the very long IoC file for the article \"Malware campaign attempts abuse of defender binaries,\" first published 26 April 2024","shortMessageHtmlLink":"Add files via upload"}},{"before":"894e24073f72e496ba1615c6d6095053b4288688","after":"01fb8f521cb609b707433a74b1996a886a0dc30c","ref":"refs/heads/master","pushedAt":"2024-04-09T19:06:10.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dalab-sophos","name":"Matt Wixey","path":"/dalab-sophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107035408?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"7860ccb79502fd9041c642c66d52045d81716ec0","after":"894e24073f72e496ba1615c6d6095053b4288688","ref":"refs/heads/master","pushedAt":"2024-03-04T11:00:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dalab-sophos","name":"Matt Wixey","path":"/dalab-sophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107035408?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"75831f1d71e376db0ebc789f2e4c5e9436009a07","after":"7860ccb79502fd9041c642c66d52045d81716ec0","ref":"refs/heads/master","pushedAt":"2024-02-27T15:56:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Update 2024-02_Payloads_associated_with_ScreenConnect_attacks.csv","shortMessageHtmlLink":"Update 2024-02_Payloads_associated_with_ScreenConnect_attacks.csv"}},{"before":"f7d7fabd4b994be2675fa8b27849e90e4c3d0861","after":"75831f1d71e376db0ebc789f2e4c5e9436009a07","ref":"refs/heads/master","pushedAt":"2024-02-27T02:52:40.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Add files via upload\n\nIndicators related to malware abuse of ScreenConnect vulnerabilities February, 2024\r\nhttps://news.sophos.com/en-us/2024/02/23/connectwise-screenconnect-attacks-deliver-malware/","shortMessageHtmlLink":"Add files via upload"}},{"before":"af02639afa743d296e7610b1b2bbe3a3f373f0d2","after":"f7d7fabd4b994be2675fa8b27849e90e4c3d0861","ref":"refs/heads/master","pushedAt":"2023-12-22T07:09:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"bc5d3bacdbf5c2d75d47f5271edea77d0ab78be6","after":"af02639afa743d296e7610b1b2bbe3a3f373f0d2","ref":"refs/heads/master","pushedAt":"2023-12-19T03:05:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Add files via upload\n\nIndicators related to malspam campaign targeting hotels in autumn 2023 https://news.sophos.com/en-us/2023/12/19/inhospitality-malspam-campaign-targets-hotel-industry","shortMessageHtmlLink":"Add files via upload"}},{"before":"207cff959b23ec5d0e18a4efc8d6fc95211303a1","after":"bc5d3bacdbf5c2d75d47f5271edea77d0ab78be6","ref":"refs/heads/master","pushedAt":"2023-12-16T03:42:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"6b921ed40afe466b1480cb668e9fce7066f1fbbf","after":"207cff959b23ec5d0e18a4efc8d6fc95211303a1","ref":"refs/heads/master","pushedAt":"2023-11-13T23:40:00.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Update 2311 Vice Society - Rhysida IoCs.csv","shortMessageHtmlLink":"Update 2311 Vice Society - Rhysida IoCs.csv"}},{"before":"07deb6b63d623dde6c7a6c28cbad2d27b8a1234d","after":"6b921ed40afe466b1480cb668e9fce7066f1fbbf","ref":"refs/heads/master","pushedAt":"2023-11-11T02:52:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Add files via upload\n\nIoCs related to the 10 November 2023 post","shortMessageHtmlLink":"Add files via upload"}},{"before":"a1a534e6c284f9c27f550e034596da04d6bcc630","after":"07deb6b63d623dde6c7a6c28cbad2d27b8a1234d","ref":"refs/heads/master","pushedAt":"2023-10-18T21:00:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"9308aa731142242a126271878723b9085a32cf41","after":"a1a534e6c284f9c27f550e034596da04d6bcc630","ref":"refs/heads/master","pushedAt":"2023-10-18T00:53:28.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"a527e6bbb4a4da812de1d2098e7de4b5f6af2e0a","after":"9308aa731142242a126271878723b9085a32cf41","ref":"refs/heads/master","pushedAt":"2023-10-06T15:09:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dalab-sophos","name":"Matt Wixey","path":"/dalab-sophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107035408?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"a995a4e1a74b3eb1f64ca836746398d42d978604","after":"a527e6bbb4a4da812de1d2098e7de4b5f6af2e0a","ref":"refs/heads/master","pushedAt":"2023-10-06T04:01:52.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Update 2309 Tiny Turla backdoor.csv","shortMessageHtmlLink":"Update 2309 Tiny Turla backdoor.csv"}},{"before":"6a41e78811d23aaa85e285d422acc194eccdc4f2","after":"a995a4e1a74b3eb1f64ca836746398d42d978604","ref":"refs/heads/master","pushedAt":"2023-09-22T15:19:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"d3983ab46566907d09708ff9d139bd5a905894f1","after":"6a41e78811d23aaa85e285d422acc194eccdc4f2","ref":"refs/heads/master","pushedAt":"2023-08-30T16:15:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Update 2023-08-25 Citrix CVE-2023-3519 attacks.csv","shortMessageHtmlLink":"Update 2023-08-25 Citrix <a title=\"CVE-2023-3519\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-m4j4-rmj5-w5gp/hovercard\" href=\"https://github.com/advisories/GHSA-m4j4-rmj5-w5gp\">CVE-2023-3519</a> attacks.csv"}},{"before":"532aed41e5c31b8dd5e34c42156745fd4a7b233f","after":"d3983ab46566907d09708ff9d139bd5a905894f1","ref":"refs/heads/master","pushedAt":"2023-08-25T18:29:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"82a80113d92ce8160cbdfcc901eb8ebbbb3b4e94","after":"532aed41e5c31b8dd5e34c42156745fd4a7b233f","ref":"refs/heads/master","pushedAt":"2023-08-09T08:05:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"d8fc28f0acc8dc5b75303c6492564e937b3ed227","after":"82a80113d92ce8160cbdfcc901eb8ebbbb3b4e94","ref":"refs/heads/master","pushedAt":"2023-08-03T21:23:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Update Cryptorom_fakeapps_2.csv","shortMessageHtmlLink":"Update Cryptorom_fakeapps_2.csv"}},{"before":"6482f7685efef588d104cc72eddd5525dbb80677","after":"d8fc28f0acc8dc5b75303c6492564e937b3ed227","ref":"refs/heads/master","pushedAt":"2023-08-03T21:22:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Update Cryptorom_fakeapps_2.csv","shortMessageHtmlLink":"Update Cryptorom_fakeapps_2.csv"}},{"before":"d9781932a24c45485163cb30a6995fd9b88e9976","after":"6482f7685efef588d104cc72eddd5525dbb80677","ref":"refs/heads/master","pushedAt":"2023-08-03T21:20:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Update Cryptorom_fakeapps_2.csv","shortMessageHtmlLink":"Update Cryptorom_fakeapps_2.csv"}},{"before":"88f38d70ad200f50c84e0712b01c693df70bfe3e","after":"d9781932a24c45485163cb30a6995fd9b88e9976","ref":"refs/heads/master","pushedAt":"2023-08-03T21:18:45.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Create Cryptorom_fakeapps_2.csv\n\nInitial commit","shortMessageHtmlLink":"Create Cryptorom_fakeapps_2.csv"}},{"before":"034acbe832a47d9f561383a59f3f3f69b0e1a20f","after":"88f38d70ad200f50c84e0712b01c693df70bfe3e","ref":"refs/heads/master","pushedAt":"2023-07-27T09:58:57.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dalab-sophos","name":"Matt Wixey","path":"/dalab-sophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107035408?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"46c167fe0140f38e1714478d39ee61247cd79931","after":"034acbe832a47d9f561383a59f3f3f69b0e1a20f","ref":"refs/heads/master","pushedAt":"2023-07-26T09:59:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"dalab-sophos","name":"Matt Wixey","path":"/dalab-sophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107035408?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"856e4134ea920ba070fbae76711465092a17f918","after":"46c167fe0140f38e1714478d39ee61247cd79931","ref":"refs/heads/master","pushedAt":"2023-07-18T21:21:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Update Troj-Ransom-GXS.csv","shortMessageHtmlLink":"Update Troj-Ransom-GXS.csv"}},{"before":"b7ec84a28c42c2f744166fee8757ca57ebb00f4e","after":"856e4134ea920ba070fbae76711465092a17f918","ref":"refs/heads/master","pushedAt":"2023-07-18T21:07:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"3b446298ef7863ea900a9e9f8a9452a7088d8370","after":"b7ec84a28c42c2f744166fee8757ca57ebb00f4e","ref":"refs/heads/master","pushedAt":"2023-07-11T17:07:00.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"spikesophos","name":"Andrew Brandt @ Sophos","path":"/spikesophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46902721?s=80&v=4"},"commit":{"message":"Add files via upload\n\nhttps://news.sophos.com/en-us/2023/07/11/microsoft-revokes-malicious-drivers-in-patch-tuesday-culling\t\r\n\r\nSigner details and compile dates for malicious signed drivers; Not all file hashes are available","shortMessageHtmlLink":"Add files via upload"}},{"before":"82711f7e7b85859866ebd5d1bd99df67d095f5e2","after":"3b446298ef7863ea900a9e9f8a9452a7088d8370","ref":"refs/heads/master","pushedAt":"2023-07-02T02:51:34.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"thisisagunn","name":null,"path":"/thisisagunn","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107268878?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"5c538e888a8083b85eb9840c34d59484db1c227f","after":"82711f7e7b85859866ebd5d1bd99df67d095f5e2","ref":"refs/heads/master","pushedAt":"2023-05-18T13:44:52.720Z","pushType":"push","commitsCount":1,"pusher":{"login":"packetrat","name":"Sean M Gallagher","path":"/packetrat","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/402587?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}},{"before":"d3cf7e0876821130b709c73b83591d76a5d72691","after":"5c538e888a8083b85eb9840c34d59484db1c227f","ref":"refs/heads/master","pushedAt":"2023-05-17T10:02:39.513Z","pushType":"push","commitsCount":1,"pusher":{"login":"dalab-sophos","name":"Matt Wixey","path":"/dalab-sophos","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/107035408?s=80&v=4"},"commit":{"message":"Add files via upload","shortMessageHtmlLink":"Add files via upload"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEO1q0NwA","startCursor":null,"endCursor":null}},"title":"Activity · sophoslabs/IoCs"}