MoustachedBouncer
Common Information
Type Value
UUID 64dce560-6b20-4f97-a60b-04e75302ef27
Fingerprint 6e28054945965f1d684dfaa178b1a55e1b2c438727c29ad14ca3c5d21e1d40ff
Analysis status DONE
Considered CTI value 1
Text language
Published Aug. 10, 2023, 2:30 p.m.
Added to db April 14, 2024, 3:15 a.m.
Last updated Aug. 31, 2024, 4:55 a.m.
Headline MoustachedBouncer
Title MoustachedBouncer
Detected Hints/Tags/Attributes 61/2/33
Attributes
Details Type #Events CTI Value