New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
Common Information
Type Value
UUID 3ce05b08-2c6f-4548-809f-ff56fd49b2f3
Fingerprint 0c5c1b283277259f244a0c4014d6c2c43878f1ec91f7ff840ad7389c2255dbe0
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 1, 2019, 10:09 a.m.
Added to db April 14, 2024, 9:55 a.m.
Last updated Aug. 31, 2024, 6:13 a.m.
Headline New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
Title New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign
Detected Hints/Tags/Attributes 25/2/33
Attributes
Details Type #Events CTI Value
Details Domain 604
www.trendmicro.com