Spelevo exploit kit IOCs
Recently, Malwarebytes Labs captured an unusual change in the Spelevo exploit kit: after an attempt to trigger vulnerabilities in Internet Explorer and Flash Player, users were immediately redirected to a decoy adult site. Spelevo EK instructs the browser to load this site, which social-engineers victims into installing a video codec in order to play a movie. This appears to be an effort by the Spelevo EK operator to double his chances of compromising new machines.
Ursnif/Gozi
7212b70a0cdb4607f577e627211052e37ef01036e9231d9e286fc5e40974fd42
Qbot/Qakbot
1814deb94c42647f946b271fe9fc2baa6adae71df2b84f4854d36eda69979f93
1bbde8cee82550d4d57e4d6ee8faa9cbcbc6bdabf5873e494c47a1eb671fb7b5
Decoy adult site
lookatmyvideo[.]com
185.251.38[.]70
Credits: These IOCs were disclosed by Malwarebytes Labs (https://blog.malwarebytes.com/).