ioc[.]one - OSINT Cyber Threat Intelligence Database

A study of Machete cyber espionage operations in Latin America

Show in Graph

Common Information

Type	Value
UUID	619e8435-f6a0-4b4f-9ccc-3581d972d840
Fingerprint	006d4fb405348d61b96bb63f2a7000cd4bb41178de59abaadf7332b0047cc3e4
Analysis status	DONE
Considered CTI value	1
Text language
Published	Nov. 14, 2019, 11:47 a.m.
Added to db	April 18, 2024, 11 a.m.
Last updated	Aug. 31, 2024, 1:17 a.m.
Headline	A study of Machete cyber espionage operations in Latin America
Title	A study of Machete cyber espionage operations in Latin America
Detected Hints/Tags/Attributes	148/3/124

Source URLs

	Redirection	Url
Details	Source	https://www.virusbulletin.com/uploads/pdf/magazine/2019/VB2019-Valeros-etal.pdf

URL Provider

Details	Provider	Source level domain
Details	virusbulletin.com	www.virusbulletin.com

Attributes

Details	Type	#Events	Value
Details	Domain	247	www.virusbulletin.com
Details	Domain	2	aic.fel.cvut.cz
Details	Domain	2	fel.cvut.cz
Details	Domain	3	agents.fel.cvut.cz
Details	Domain	5	com.ar
Details	Domain	2	maps.google.com.ar
Details	Domain	2	ftp.agaliarept.com
Details	Domain	2	ftp.alquimedes.net
Details	Domain	2	ftp.blogwhereyou.com
Details	Domain	2	ftp.grannegral.com
Details	Domain	2	derte.ddns.net
Details	Domain	2	skdier.ddns.net
Details	Domain	2	idrt.gotdns.ch
Details	Domain	3	mcsi.gotdns.ch
Details	Domain	2	jristr.hopto.org
Details	Domain	2	maers.hopto.org
Details	Domain	2	java-mail.servepics.com
Details	Domain	2	java.dyndns-mail.com
Details	Domain	3	java.serveblog.net
Details	Domain	2	javath.myftp.org
Details	Domain	2	wbgs.3utilities.com
Details	Domain	41	ddns.net
Details	Domain	6	serveblog.net
Details	Domain	2	www.mi5.gov.uk
Details	Domain	403	securelist.com
Details	Domain	8	threatvector.cylance.com
Details	Domain	262	www.welivesecurity.com
Details	Domain	67	citizenlab.ca
Details	Domain	261	blog.talosintelligence.com
Details	Domain	20	ti.360.net
Details	Domain	4127	github.com
Details	Domain	67	www.dropbox.com
Details	Domain	23	community.riskiq.com
Details	Domain	8	www.cia.gov
Details	Domain	268	www.virustotal.com
Details	Domain	14	docs.python.org
Details	Email	2	maria.rigaki}@aic.fel.cvut.cz
Details	Email	2	babaykam@fel.cvut.cz
Details	Email	3	sebastian.garcia@agents.fel.cvut.cz
Details	File	3	clip.html
Details	File	36	key3.db
Details	File	24	signons.sql
Details	File	3	el-machete-malware-attacks-cut-through-latam.html
Details	File	8	whitepaper.pdf
Details	File	2	brazil.html
Details	File	14	docs.py
Details	File	2	platform.html
Details	File	2	cuestionario.docx
Details	File	2	ebre_de_amor.mp3
Details	File	2	saradesnuda.jpg
Details	File	2	hotbrazilianx.pps
Details	File	2	aa.docx
Details	File	2	lista_del_radg_n_0931208.jpg
Details	File	2	curriculum_vitae.pps
Details	File	2	cij_las.docx
Details	File	2	profeciademariaenfatima.pps
Details	File	2	azules_ecuatorianos.docx
Details	File	2	ca_em_dourados_ms.docx
Details	File	2	instructivo_logistico.pptx
Details	File	2	ramadan.pdf
Details	File	2	para_su_analisis.pdf
Details	File	2	reincorporacion.docx
Details	File	2	no_121523_2017.docx
Details	File	2	rdgma_07_4432.pdf
Details	File	2	no_8030923_2015.doc
Details	File	2	nicaragua.docx
Details	File	2	el_arte_de_la_guerra.ppt
Details	File	5	01.jpg
Details	File	2	justicia_transicional.pdf
Details	File	2	no_8030923_2014.doc
Details	File	2	mar_a_repartos_navales.doc
Details	File	2	mandado.docx
Details	File	2	ordenes_generales.pdf
Details	File	36	1.jpg
Details	File	2	americas.doc
Details	File	2	socioeconomicas.docx
Details	File	2	l.jpg
Details	File	2	_065.doc
Details	File	2	no_121123_2016.doc
Details	File	2	ninabonita.jpg
Details	File	2	ep.pdf
Details	File	2	cambio_de_inmueble.docx
Details	File	2	de_estado_en_desarrollo.docx
Details	File	2	suntzu.ppt
Details	File	2	713751_mc505_15.pdf
Details	File	2	prensa_nacional.docx
Details	File	2	abril_2016.zip
Details	File	2	expediente_10388.pdf
Details	File	2	virgilio_godoy.docx
Details	File	2	terremoto.pps
Details	File	2	rad-0677-ceofanb.pdf
Details	File	2	de_nicaragua.docx
Details	File	2	nacionales.pdf
Details	File	2	dieterich.docx
Details	File	2	partes_2010_farc.pdf
Details	File	2	circular_8_oct_2016.doc
Details	File	2	folleto_semblanzamono.pdf
Details	File	2	n_20sep15.doc
Details	File	2	hermosa_xxx.pps
Details	File	2	en_washigton.docx
Details	File	2	977_reg_in_co_012_v1.doc
Details	File	2	2016_00109_01.doc
Details	Github username	2	rocky
Details	Github username	3	astrand
Details	sha1	2	2789af3c36b220e87f691d1cd421faf2c572edb8
Details	IPv4	2	190.60.245.28
Details	IPv4	2	190.60.245.29
Details	Threat Actor Identifier - APT-C	83	APT-C-36
Details	Url	2	http://maps.google.com.ar/maps?f=q&source=s_q&hl=en&geocode=&q=%s
Details	Url	2	https://www.mi5.gov.uk/espionage.
Details	Url	2	https://securelist.com/el-machete/66108/.
Details	Url	2	https://threatvector.cylance.com/en_us/home
Details	Url	2	https://www.welivesecurity.com/media
Details	Url	2	https://citizenlab.ca/2015/12
Details	Url	2	https://blog.talosintelligence.com/2018/02/cannibalrat-targets-
Details	Url	2	https://ti.360.net/blog/articles/apt-c-36-continuous-attacks-targeting-
Details	Url	60	https://github.com
Details	Url	2	https://github.com/rocky
Details	Url	2	https://github.com/astrand/pyobfuscate.
Details	Url	6	https://www.dropbox.com
Details	Url	3	https://community.riskiq.com/.
Details	Url	2	https://www.cia.gov/library/publications/the-world-factbook/ﬁ
Details	Url	43	https://www.virustotal.com
Details	Url	2	https://docs.python.org/2.7