Threat Advisory
Common Information

Type                            Value
UUID                            401c316d-f5f7-48ac-8a58-a6ca9b754e94
Fingerprint                     f2408976b1059d3b2a8e3178858424c3257b61b8a4aeda85a2e38e5ac1d9eff7
Analysis status                 DONE
Considered CTI value            2
Text language
Published                       Jan. 19, 2024, 11:11 a.m.
Added to db                     Feb. 7, 2024, 7:43 p.m.
Last updated                    Aug. 31, 2024, 2:26 a.m.
Headline                        Threat Advisory
Title                           Threat Advisory
Detected Hints/Tags/Attributes  73/1/64
Attributes

Type                    #Events  Value
CVE                          44  cve-2021-41773
CVE                          12  cve-2018-15133
Domain                        4  download.asyncfox.xyz
Domain                        1  main.dsn.ovh
Domain                      291  raw.githubusercontent.com
Domain                        1  tangible-drink.surge.sh
Domain                        1  chainventures.co.uk
Domain                        1  mc.rockylinux.si
Domain                      358  pastebin.com
Domain                      469  www.cisa.gov
Domain                      157  www.oracle.com
Domain                        2  laravel.com
Domain                       23  httpd.apache.org
Domain                      435  www.hivepro.com
File                          1  main.dsn
File                          3  marijuana.php
File                          1  configx.txt
File                          4  evil.txt
File                          1  compromise-associated-with-adroxgh0st-malware_0.pdf
File                          5  cpuoct2021.html
File                          7  vulnerabilities_24.html
IPv4                          2  45.95.147.236
MITRE ATT&CK Techniques      56  T1595.002
MITRE ATT&CK Techniques       5  T1583.005
MITRE ATT&CK Techniques      21  T1583.006
MITRE ATT&CK Techniques     542  T1190
MITRE ATT&CK Techniques      59  T1059.006
MITRE ATT&CK Techniques     306  T1078
MITRE ATT&CK Techniques     104  T1505.003
MITRE ATT&CK Techniques      86  T1136
MITRE ATT&CK Techniques      25  T1027.010
MITRE ATT&CK Techniques      89  T1552.001
MITRE ATT&CK Techniques     585  T1083
MITRE ATT&CK Techniques     168  T1046
MITRE ATT&CK Techniques      89  T1114
MITRE ATT&CK Techniques     492  T1105
Url                           1  http://45.95.147.236/tmp.x86_64
Url                           1  http://download.asyncfox.xyz/download/xmrig.x86_64
Url                           1  http://main.dsn.ovh/dns/pwer
Url                           1  http://raw.githubusercontent.com/0x5a455553/marijuana/mast
Url                           1  http://tangible-drink.surge.sh/configx.txt
Url                           1  https://chainventures.co.uk/.well
Url                           1  https://mc.rockylinux.si/seoforce/triggers/files/evil.txt
Url                           1  https://pastebin.com/raw/zw0gampc
Url                           1  https://www.cisa.gov/sites/default/files/2024-01/aa24-016a-known-indicators-of-
Url                           5  https://www.oracle.com/security-alerts/cpuoct2021.html
Url                           1  https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
Url                           6  https://httpd.apache.org/security/vulnerabilities_24.html