New MuddyWater Activities Uncovered:
Common Information
| Type | Value |
|---|---|
| UUID | 1ef777d0-330b-49cd-9eda-93b5720956e6 |
| Fingerprint | 0d52f31709ecb0f005712987abba4a7703314395795aa1b190fcc5b397735cac |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 26, 2019, 5:53 p.m. |
| Added to db | April 14, 2024, 11:40 a.m. |
| Last updated | Aug. 30, 2024, 11 p.m. |
| Headline | New MuddyWater Activities Uncovered: |
| Title | New MuddyWater Activities Uncovered: |
| Detected Hints/Tags/Attributes | 120/2/91 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | googleads.hopto.org |
|
| Details | Domain | 1 | trojan.w97m.cve20170199.ci |
|
| Details | Domain | 1 | hacktool.win64.lazagne.ac |
|
| Details | Domain | 3 | hacktool.win32.mpacket.sm |
|
| Details | Domain | 2 | gladiyator.tk |
|
| Details | Domain | 1 | amazo0n.serveftp.com |
|
| Details | Domain | 1 | zstoreshoping.ddns.net |
|
| Details | Domain | 1 | shopcloths.ddns.net |
|
| Details | Domain | 1 | getgooogle.hopto.org |
|
| Details | Domain | 1 | www.shareliverpoolfc.co.uk |
|
| Details | Domain | 1 | valis-ti.cl |
|
| Details | Domain | 1 | www.latvia-usa.org |
|
| Details | Domain | 1 | ciscoupdate2019.gotdns.ch |
|
| Details | Domain | 1 | www.jsonstore.io |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | File | 38 | trojan.ps1 |
|
| Details | File | 1209 | powershell.exe |
|
| Details | File | 2127 | cmd.exe |
|
| Details | File | 1 | afghanistanelection.apk |
|
| Details | File | 1 | sload.rtf |
|
| Details | File | 1 | win64.py |
|
| Details | File | 1 | win32.py |
|
| Details | File | 52 | trojan.js |
|
| Details | File | 53 | main.php |
|
| Details | md5 | 1 | 02f54da6c6f2f87ff7b713d46e058ded |
|
| Details | md5 | 1 | ac1cedabd693643bb7f6dfe994b2105d |
|
| Details | md5 | 1 | de4a1622b498c1cc989be1a1480a23f4 |
|
| Details | md5 | 1 | c4e9cd25e729a329cfadb7594c714358 |
|
| Details | sha1 | 1 | d698c1d492332f312487e027d0665970b0462ace |
|
| Details | sha1 | 1 | 546827070540db43843b8328bdb81f450cd1254b |
|
| Details | sha1 | 1 | b134bde3d8d141b9b4e824adaac87fc3eb40d3ab |
|
| Details | sha1 | 1 | 19e69e5925b9fac1a104fc37b06de42043276c17 |
|
| Details | IPv4 | 1 | 78.129.139.131 |
|
| Details | IPv4 | 1 | 103.13.67.4 |
|
| Details | IPv4 | 1 | 80.80.163.182 |
|
| Details | IPv4 | 1 | 80.90.87.201 |
|
| Details | IPv4 | 1 | 91.187.114.210 |
|
| Details | IPv4 | 17 | 192.168.1.104 |
|
| Details | IPv4 | 1 | 163.172.147.222 |
|
| Details | IPv4 | 1 | 78.129.139.148 |
|
| Details | IPv4 | 1 | 31.171.154.67 |
|
| Details | IPv4 | 1 | 79.106.224.203 |
|
| Details | IPv4 | 1 | 185.34.16.82 |
|
| Details | IPv4 | 1 | 104.237.233.17 |
|
| Details | IPv4 | 1 | 46.99.148.96 |
|
| Details | IPv4 | 1 | 134.19.215.3 |
|
| Details | IPv4 | 1 | 51.77.97.65 |
|
| Details | IPv4 | 1 | 185.14.248.26 |
|
| Details | IPv4 | 2 | 185.162.235.182 |
|
| Details | IPv4 | 1 | 185.117.75.116 |
|
| Details | IPv4 | 2 | 38.132.99.167 |
|
| Details | IPv4 | 2 | 185.244.149.218 |
|
| Details | IPv4 | 2 | 185.185.25.175 |
|
| Details | IPv4 | 2 | 82.102.8.101 |
|
| Details | IPv4 | 1 | 104.237.233.38 |
|
| Details | IPv4 | 1 | 104.237.255.212 |
|
| Details | IPv4 | 1 | 88.99.17.148 |
|
| Details | IPv4 | 1 | 104.237.233.40 |
|
| Details | IPv4 | 1 | 78.129.139.134 |
|
| Details | Url | 1 | http://78.129.139.148 |
|
| Details | Url | 1 | http://31.171.154.67 |
|
| Details | Url | 1 | http://79.106.224.203 |
|
| Details | Url | 1 | http://185.34.16.82 |
|
| Details | Url | 1 | http://104.237.233.17 |
|
| Details | Url | 1 | http://46.99.148.96 |
|
| Details | Url | 1 | http://134.19.215.3:443 |
|
| Details | Url | 1 | http://gladiyator.tk |
|
| Details | Url | 1 | http://51.77.97.65 |
|
| Details | Url | 1 | http://185.14.248.26 |
|
| Details | Url | 1 | http://185.162.235.182 |
|
| Details | Url | 1 | http://185.117.75.116/tmp.php |
|
| Details | Url | 2 | http://38.132.99.167/crf.txt |
|
| Details | Url | 1 | http://185.244.149.218/jpegdownload/*.jpeg |
|
| Details | Url | 1 | http://185.185.25.175/ref45.php |
|
| Details | Url | 1 | http://185.185.25.175/sdownloads/*.jpeg |
|
| Details | Url | 1 | http://82.102.8.101/bcerrxy.php |
|
| Details | Url | 1 | http://zstoreshoping.ddns.net/users.php?tname= |
|
| Details | Url | 1 | http://www.shareliverpoolfc.co.uk/js/main.php |
|
| Details | Url | 1 | http://valis-ti.cl/assets/main.php |
|
| Details | Url | 1 | http://www.latvia-usa.org/wp-includes/customize/main.php |
|
| Details | Url | 1 | http://googleads.hopto.org/data/ce28e899a8d3d00a.dat |
|
| Details | Url | 1 | http://ciscoupdate2019.gotdns.ch/users.php? |
|
| Details | Url | 1 | https://www.jsonstore.io/4de4d6d84d17638b3cd0eaf18857 |
|
| Details | Url | 1 | https://www.jsonstore.io/ddf35a64bd5ad54f9de868a84cdb2 |
|
| Details | Url | 1 | https://104.237.233.38:8080/yizdgrm_4mrn_mb8pdhl_ |
|
| Details | Url | 1 | https://104.237.255.212:443/gfabcrpi14rarcgvm- |
|
| Details | Url | 1 | https://104.237.233.38:1022/aeacre65xe9sdvn3cjws9g |
|
| Details | Url | 1 | https://104.237.233.38:8080/nud2wcl9wztiaomcufmb |
|
| Details | Url | 1 | https://88.99.17.148:443/3g- |
|
| Details | Url | 1 | https://104.237.233.40:8443/zi5w0idm6alegcwdnumyyw |
|
| Details | Url | 1 | https://78.129.139.134:8864/lzkp68tth_bpzghmmwxnp |