When you gaze into the Bottle,…
Common Information
Type | Value |
---|---|
UUID | 95582fa2-7078-4b3e-8eab-24f7071db523 |
Fingerprint | f611288a64a8cc8c8947a648ebcbf84a8621814078b455950c62accfff8b2bab |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Jan. 26, 2021, 4:29 p.m. |
Added to db | March 12, 2024, 7:43 p.m. |
Last updated | Aug. 31, 2024, 5:06 a.m. |
Headline | When you gaze into the Bottle,… |
Title | When you gaze into the Bottle,… |
Detected Hints/Tags/Attributes | 31/1/96 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://jsac.jpcert.or.jp/archive/2021/pdf/JSAC2021_103_koike-takai_jp.pdf |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 106 | cve-2018-8174 |
Details | CVE | 59 | cve-2018-15982 |
Details | CVE | 43 | cve-2020-0674 |
Details | Domain | 4127 | github.com |
Details | Domain | 4 | ftp.cadwork.ch |
Details | Domain | 1 | freddy-ru.starlink.ru |
Details | Domain | 7 | archive.torproject.org |
Details | Domain | 3 | app.update.auto |
Details | Domain | 1 | www.bank-japanpostpo.jp |
Details | Domain | 1 | www.bank-japanpost.com |
Details | Domain | 1 | www.jp-bamk.jp |
Details | Domain | 1 | www.jp-bank.japanp0st.jp |
Details | Domain | 1 | www.jp-bank.japampost.jp |
Details | Domain | 3 | tike.hatenablog.com |
Details | Domain | 2 | cionx.inteleksys.com |
Details | Domain | 1 | vtfound.tk |
Details | Domain | 4 | inteleksys.com |
Details | Domain | 1 | conforyou.ml |
Details | Domain | 1 | cyoumer.tk |
Details | Domain | 1 | cdnsok.tk |
Details | Domain | 1 | dnstod.tk |
Details | Domain | 1 | tokmix.tk |
Details | Domain | 1 | sortsoft.tk |
Details | Domain | 1 | softbring.tk |
Details | Domain | 1 | cksoft.tk |
Details | Domain | 1 | ddx2.dh57x.com |
Details | Domain | 1 | chrome5302785133.zip |
Details | Domain | 1 | e7biunhxnia2336s.onion |
Details | Domain | 1 | skmeym7dr5mq2b41.onion |
Details | Domain | 1373 | twitter.com |
Details | File | 1 | the page is main.js |
Details | File | 74 | main.js |
Details | File | 1 | if judged to be an attack target, conn.php |
Details | File | 4 | conn.php |
Details | File | 4 | vbs.vbs |
Details | File | 1 | or swf.swf |
Details | File | 2 | swf.swf |
Details | File | 1 | the shellcode is conn.php |
Details | File | 1 | the response under %temp% as svchost.exe |
Details | File | 2 | r.js |
Details | File | 1 | or jquery.js |
Details | File | 1 | the shellcode is pd.bin |
Details | File | 1 | or p.jpg |
Details | File | 1 | svchost.exe under %temp% |
Details | File | 1 | or a.dll |
Details | File | 88 | 1.txt |
Details | File | 1 | pd.bin |
Details | File | 1 | and svchost.exe |
Details | File | 1122 | svchost.exe |
Details | File | 12 | unzip.exe |
Details | File | 10 | 8.zip |
Details | File | 33 | tor.exe |
Details | File | 62 | taskhost.exe |
Details | File | 7 | vmmouse.sys |
Details | File | 2 | vmusbmouse.sys |
Details | File | 2 | vmrawdsk.sys |
Details | File | 5 | vboxmouse.sys |
Details | File | 6 | vboxguest.sys |
Details | File | 3 | vboxsf.sys |
Details | File | 5 | vboxvideo.sys |
Details | File | 1018 | rundll32.exe |
Details | File | 1208 | powershell.exe |
Details | File | 3 | i.txt |
Details | File | 1 | xo.txt |
Details | File | 1 | xn.txt |
Details | File | 199 | firefox.exe |
Details | File | 56 | iexplorer.exe |
Details | File | 271 | chrome.exe |
Details | File | 131 | spoolsv.exe |
Details | File | 478 | lsass.exe |
Details | File | 18 | a.dll |
Details | File | 1 | taskhost.exe under the directory |
Details | File | 156 | 1.exe |
Details | File | 45 | 1.zip |
Details | File | 1 | or rundll32.exe |
Details | File | 1 | chrome5302785133.zip |
Details | File | 10 | connect.php |
Details | Github username | 2 | maxpl0it |
Details | IPv4 | 5 | 0.3.5.8 |
Details | IPv4 | 1 | 5.188.231.236 |
Details | IPv4 | 1 | 111.90.151.176 |
Details | IPv4 | 1 | 66.42.51.168 |
Details | IPv4 | 8 | 139.99.115.204 |
Details | IPv4 | 1 | 139.180.136.22 |
Details | IPv4 | 1 | 156.32.15.3 |
Details | Url | 1 | https://github.com/maxpl0it/cve-2020-0674-exploit |
Details | Url | 4 | ftp://ftp.cadwork.ch/dvd_v20/cadwork.dir/com/unzip.exe |
Details | Url | 1 | ftp://freddy-ru.starlink.ru/ckjlag/antivir/sdfix/apps/unzip.exe |
Details | Url | 3 | https://archive.torproject.org/tor-package-archive/torbrowser/8.0.8/tor-win32-0.3.5.8.zip |
Details | Url | 1 | https://x.x/8.p |
Details | Url | 1 | https://tike.hatenablog.com/entry/2019/12/28/234925 |
Details | Url | 1 | https://archive.torproject.org/tor-package- |
Details | Url | 1 | http://ddx2.dh57x.com/test/chrome5302785133.zip |
Details | Url | 1 | http://e7biunhxnia2336s.onion/conn.php |
Details | Url | 1 | http://skmeym7dr5mq2b41.onion/connect.php |
Details | Url | 1 | https://twitter.com/globalntt_jp |