Behind a Malware Lifecycle and Infection Chain
Common Information
| Type | Value |
|---|---|
| UUID | 7c6404cc-3785-43dd-959a-7781ff9895ae |
| Fingerprint | 8942c4990880d0e8c38a69ffa9128929477d1d0cfdf8c9065361194f9a73b69a |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 13, 2017, 12:19 p.m. |
| Added to db | April 14, 2024, 3:02 a.m. |
| Last updated | Aug. 31, 2024, 4:58 a.m. |
| Headline | Behind a Malware Lifecycle and Infection Chain |
| Title | Behind a Malware Lifecycle and Infection Chain |
| Detected Hints/Tags/Attributes | 57/2/100 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | download.macromedia.com |
|
| Details | Domain | 1 | lowbalance.su |
|
| Details | Domain | 1 | oldfirefox.su |
|
| Details | Domain | 1 | irishjuice.su |
|
| Details | Domain | 1 | everydaypp.ru |
|
| Details | Domain | 1 | nitmurmansk.su |
|
| Details | Domain | 1 | brokenpiano.ru |
|
| Details | Domain | 1 | declaration-customsunion.com |
|
| Details | Domain | 1 | accreditations-shop.com |
|
| Details | Domain | 1 | operation-manual.com |
|
| Details | Domain | 1 | icon.com |
|
| Details | Domain | 1 | accreditation-laboratories.com |
|
| Details | Domain | 1 | catalog-equipment.com |
|
| Details | Domain | 1 | controller-best.com |
|
| Details | Domain | 1 | seo-pronew.com |
|
| Details | Domain | 1 | contoller-best.com |
|
| Details | Domain | 1 | techtickletv.com |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 1 | soft32.dll |
|
| Details | File | 2 | soft64.dll |
|
| Details | md5 | 1 | d38a9b4d0c17c954080b86bb79a25272 |
|
| Details | md5 | 1 | 54b5c261ecbd63118f1a135cb4f091d6 |
|
| Details | md5 | 1 | 7166665cf5d69422fb710009161faf64 |
|
| Details | md5 | 1 | 44994d7d75e6c6f215d239bba5d8f411 |
|
| Details | IPv4 | 1 | 198.154.224.48 |
|
| Details | IPv4 | 1 | 65.254.49.118 |
|
| Details | IPv4 | 1 | 212.81.134.56 |
|
| Details | IPv4 | 1 | 212.81.134.57 |
|
| Details | IPv4 | 1 | 174.127.103.45 |
|
| Details | IPv4 | 1 | 198.58.102.172 |
|
| Details | IPv4 | 1 | 74.117.158.3 |
|
| Details | IPv4 | 1 | 70.32.94.46 |
|
| Details | IPv4 | 1 | 178.207.18.188 |
|
| Details | IPv4 | 1 | 173.255.241.19 |
|
| Details | IPv4 | 1 | 194.38.104.218 |
|
| Details | IPv4 | 1 | 162.248.167.184 |
|
| Details | IPv4 | 1 | 65.254.49.116 |
|
| Details | IPv4 | 1 | 178.18.18.30 |
|
| Details | IPv4 | 1 | 122.155.167.122 |
|
| Details | IPv4 | 1 | 61.90.197.150 |
|
| Details | IPv4 | 1 | 27.254.40.105 |
|
| Details | IPv4 | 1 | 69.164.221.7 |
|
| Details | IPv4 | 1 | 209.160.65.96 |
|
| Details | IPv4 | 1 | 166.78.145.146 |
|
| Details | IPv4 | 1 | 46.28.68.144 |
|
| Details | IPv4 | 1 | 162.144.37.28 |
|
| Details | IPv4 | 1 | 198.154.216.149 |
|
| Details | IPv4 | 1 | 178.21.117.34 |
|
| Details | IPv4 | 1 | 162.213.250.124 |
|
| Details | IPv4 | 1 | 203.151.23.69 |
|
| Details | IPv4 | 1 | 70.32.85.69 |
|
| Details | IPv4 | 1 | 192.162.19.1 |
|
| Details | IPv4 | 1 | 192.162.19.122 |
|
| Details | IPv4 | 1 | 46.161.41.219 |
|
| Details | Url | 1 | http://download.macromedia.com/pub |
|
| Details | Url | 1 | http://lowbalance.su |
|
| Details | Url | 1 | http://oldfirefox.su |
|
| Details | Url | 1 | http://irishjuice.su |
|
| Details | Url | 1 | http://everydaypp.ru |
|
| Details | Url | 1 | http://nitmurmansk.su |
|
| Details | Url | 1 | http://brokenpiano.ru |
|
| Details | Url | 1 | http://198.154.224.48:8080 |
|
| Details | Url | 1 | http://65.254.49.118:8080 |
|
| Details | Url | 1 | http://212.81.134.56:1080 |
|
| Details | Url | 1 | http://212.81.134.57:1080 |
|
| Details | Url | 1 | http://174.127.103.45:443 |
|
| Details | Url | 1 | http://198.58.102.172:8080 |
|
| Details | Url | 1 | http://74.117.158.3:443 |
|
| Details | Url | 1 | http://70.32.94.46:8080 |
|
| Details | Url | 1 | http://178.207.18.188:443 |
|
| Details | Url | 1 | http://173.255.241.19:8080 |
|
| Details | Url | 1 | http://194.38.104.218:443 |
|
| Details | Url | 1 | http://162.248.167.184:443 |
|
| Details | Url | 1 | http://65.254.49.116:8080 |
|
| Details | Url | 1 | http://178.18.18.30:443 |
|
| Details | Url | 1 | http://122.155.167.122:8080 |
|
| Details | Url | 1 | http://61.90.197.150:8080 |
|
| Details | Url | 1 | http://27.254.40.105:8080 |
|
| Details | Url | 1 | http://69.164.221.7:443 |
|
| Details | Url | 1 | http://209.160.65.96:8080 |
|
| Details | Url | 1 | http://166.78.145.146:443 |
|
| Details | Url | 1 | http://46.28.68.144:8080 |
|
| Details | Url | 1 | http://162.144.37.28:8080 |
|
| Details | Url | 1 | http://198.154.216.149:8080 |
|
| Details | Url | 1 | http://178.21.117.34:8080 |
|
| Details | Url | 1 | http://162.213.250.124:8080 |
|
| Details | Url | 1 | http://203.151.23.69:8080 |
|
| Details | Url | 1 | http://70.32.85.69:8080 |
|
| Details | Url | 1 | http://192.162.19.1 |
|
| Details | Url | 1 | http://192.162.19.122/b/pkg/t5030redacted |
|
| Details | Url | 1 | http://declaration-customsunion.com |
|
| Details | Url | 1 | http://operation-manual.com |
|
| Details | Url | 1 | http://accreditation-laboratories.com |
|
| Details | Url | 1 | http://46.161.41.219/b/pkg/t5030redacted”,”searchurl”:”http://catalog-equipment.com |
|
| Details | Url | 1 | http://46.161.41.219/b/pkg/t5030redacted”,”searchurl”:”http://controller-best.com |
|
| Details | Url | 1 | http://46.161.41.219/b/pkg/t5030redacted”,”searchurl”:”http://seo-pronew.com |
|
| Details | Url | 1 | http://46.161.41.219/b/pkg/t5030redacted |
|
| Details | Windows Registry Key | 188 | HKCU\Software\Microsoft\Windows\CurrentVersion\Run |
|
| Details | Windows Registry Key | 36 | HKCU\Software |