Operation Kabar Cobra
Common Information
| Type | Value |
|---|---|
| UUID | 63f935c8-40e5-4028-80cd-a6d276b56deb |
| Fingerprint | b0a59f5dcc11e43b2a959553a2c5360e163de604eae792165a655d513fc706c8 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 9, 2019, 10:32 a.m. |
| Added to db | March 10, 2024, 12:40 a.m. |
| Last updated | Aug. 31, 2024, 5:53 a.m. |
| Headline | Operation Kabar Cobra |
| Title | Operation Kabar Cobra |
| Detected Hints/Tags/Attributes | 89/4/105 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 437 | cve-2017-11882 |
|
| Details | CVE | 115 | cve-2018-8174 |
|
| Details | Domain | 54 | www.ahnlab.com |
|
| Details | Domain | 1 | reference.zip |
|
| Details | Domain | 1299 | gmail.com |
|
| Details | Domain | 52 | xhr.open |
|
| Details | Domain | 2 | 0x0ed6d109-0xed81000.mem.pe |
|
| Details | Domain | 2 | navem-rnail.hol.es |
|
| Details | Domain | 2 | myaccounnts-goggle.esy.es |
|
| Details | Domain | 3 | bmail-or-kr.esy.es |
|
| Details | Domain | 2 | aiyac-updaite.hol.es |
|
| Details | Domain | 2 | rnyacount-jpadmin.hol.es |
|
| Details | Domain | 2 | ms-performance.hol.es |
|
| Details | Domain | 4 | suppcrt-seourity.esy.es |
|
| Details | Domain | 2 | ahnniab.esy.es |
|
| Details | Domain | 2 | daum-safety-team.esy.es |
|
| Details | Domain | 2 | myacccounts-goggle.esy.es |
|
| Details | Domain | 2 | myacccount-goggle.esy.es |
|
| Details | Domain | 2 | nav-mail.hol.es |
|
| Details | Domain | 2 | mail-support.esy.es |
|
| Details | Domain | 5 | my-homework.890m.com |
|
| Details | Domain | 2 | nid-mail.hol.es |
|
| Details | Domain | 2 | nid-mail.esy.es |
|
| Details | Domain | 2 | wall.cab |
|
| Details | Domain | 2 | nid-mail.pe.hu |
|
| Details | Domain | 2 | newsea36-chol.esy.es |
|
| Details | Domain | 2 | acount-qooqle.pe.hu |
|
| Details | Domain | 2 | myprofileacc.pe.hu |
|
| Details | Domain | 2 | customer-center.esy.es |
|
| Details | Domain | 2 | need-nver.hol.es |
|
| Details | Domain | 2 | daum-settting.hol.es |
|
| Details | Domain | 2 | nid-never.pe.hu |
|
| Details | Domain | 2 | nid-naver.hol.es |
|
| Details | 2 | countine.protector.mail@gmail.com |
||
| Details | File | 3 | 참고.zip |
|
| Details | File | 1 | reference.zip |
|
| Details | File | 4 | freedom.dll |
|
| Details | File | 2 | ahnlabmon.dll |
|
| Details | File | 15 | board.php |
|
| Details | File | 3 | list.dll |
|
| Details | File | 2 | cobra.dll |
|
| Details | File | 21 | core.dll |
|
| Details | File | 1102 | rundll32.exe |
|
| Details | File | 498 | regsvr32.exe |
|
| Details | File | 427 | notepad.exe |
|
| Details | File | 2 | ar.xls |
|
| Details | File | 2 | alyacmonitor.db |
|
| Details | File | 2 | secu32_init.inf |
|
| Details | File | 2 | private32.db |
|
| Details | File | 2 | tvengine.dll |
|
| Details | File | 2 | ariak.dll |
|
| Details | File | 2 | iecheck.dll |
|
| Details | File | 2 | 45d3.tmp |
|
| Details | File | 2 | msmpqhp.exe |
|
| Details | File | 4 | fontchk.js |
|
| Details | File | 6 | pe.exe |
|
| Details | File | 2 | hwpkor.dll |
|
| Details | File | 4 | tmp.dll |
|
| Details | File | 2 | notepad64.exe |
|
| Details | File | 2 | wall.cab |
|
| Details | md5 | 2 | 20301fdd013c836039b8cfe0d100a1d7 |
|
| Details | md5 | 2 | b02f3881321f0912b2ae3f27498c448f |
|
| Details | md5 | 2 | cd705902ea42d0de2a8456b055c3bb87 |
|
| Details | md5 | 3 | 54783422cfd7029a26a3f3f5e9087d8a |
|
| Details | md5 | 2 | b7359ae1a83323d3671e7c3a63ce7bf1 |
|
| Details | md5 | 2 | b994bd755e034d2218f8a3f70e91a165 |
|
| Details | md5 | 2 | ba89337af43f0b07a35cc892ac95112a |
|
| Details | md5 | 2 | 874c0ec36be15fe3403f3abad6ecea75 |
|
| Details | md5 | 3 | ab73b1395938c48d62b7eeb5c9f3409d |
|
| Details | md5 | 5 | f22db1e3ea74af791e34ad5aa0297664 |
|
| Details | md5 | 2 | 11fc4829c2fff9fb240acbd71c60fc67 |
|
| Details | md5 | 2 | 6106449779d453be4ae28d89f207e921 |
|
| Details | md5 | 2 | 95410a32a76aecb099af53255bb90737 |
|
| Details | md5 | 2 | dc1196876d9a59ab477ebc62d07a255e |
|
| Details | md5 | 2 | 0eb739c8faf77dae0546ff447ad06038 |
|
| Details | md5 | 2 | 242c31d0ce2109fdface788663e90f49 |
|
| Details | md5 | 2 | 66b73fba4e47b3184edd75b0ce9cf928 |
|
| Details | md5 | 2 | 71ec829db01818d305552ec4ebb1c258 |
|
| Details | md5 | 2 | 9c3396aa94083916227201bf1396a2ca |
|
| Details | md5 | 2 | 1dfe826f71c20ff04987a9160c177e46 |
|
| Details | md5 | 3 | 48d9e625ea3efbcbef3963c8714544a7 |
|
| Details | md5 | 5 | 4de21c3af64b3b605446278de92dfff4 |
|
| Details | md5 | 2 | b49bbc11ed000211a5af7eb35f596886 |
|
| Details | md5 | 3 | 8332be776617364c16868c1ad6b4efe7 |
|
| Details | md5 | 2 | 9d685308d3125e14287ecb7fbe5fcd37 |
|
| Details | md5 | 2 | bb42e6649d927899c816cc04c2bffc06 |
|
| Details | md5 | 2 | 2fdf23367c604511d019a6914c50bc0b |
|
| Details | md5 | 2 | AEA8D3002132094A58D5189A8E886CF8 |
|
| Details | md5 | 2 | 08523230E221246BB59CDE7C3E8363C7 |
|
| Details | md5 | 2 | 2f26f3a883aeca9a11769664fc7d4750 |
|
| Details | md5 | 2 | 566cc6129dc887629a7131821c7547e5 |
|
| Details | md5 | 2 | a45ba001c3abee03bda49c6816d9a17c |
|
| Details | md5 | 2 | 1DFE826F71C20FF04987A9160C177E46 |
|
| Details | md5 | 2 | 1A082A388A285E7FC4541124794F3910 |
|
| Details | md5 | 2 | 71EC829DB01818D305552EC4EBB1C258 |
|
| Details | md5 | 2 | 9D685308D3125E14287ECB7FBE5FCD37 |
|
| Details | md5 | 2 | 874C0EC36BE15FE3403F3ABAD6ECEA75 |
|
| Details | md5 | 2 | 4DE21C3AF64B3B605446278DE92DFFF4 |
|
| Details | md5 | 2 | 95410A32A76AECB099AF53255BB90737 |
|
| Details | md5 | 2 | 0a50827a4897a43a882c8d3c691d943d |
|
| Details | md5 | 2 | 02dae3046d1669a55785ba935b0e3f0b |
|
| Details | md5 | 2 | 74c3011b6980bea23d119822d979a364 |
|
| Details | md5 | 2 | 54783422CFD7029A26A3F3F5E9087D8A |
|
| Details | md5 | 2 | B49BBC11ED000211A5AF7EB35F596886 |
|
| Details | IPv4 | 4 | 185.224.138.29 |