TrendLabs
Common Information
| Type | Value |
|---|---|
| UUID | 95dc17d0-2bf1-4198-99e2-e1c755a6dd99 |
| Fingerprint | b4e0adbe4c51e28f4b8cd9c0ee9f9c2fe75972a534f5f9e713ce815a6d2feb66 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 27, 2018, 6:03 p.m. |
| Added to db | April 14, 2024, 10:48 a.m. |
| Last updated | Aug. 30, 2024, 10:50 p.m. |
| Headline | TrendLabs |
| Title | TrendLabs |
| Detected Hints/Tags/Attributes | 66/2/50 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | pop.tz365.vip |
|
| Details | Domain | 1 | setup.20170101.info |
|
| Details | Domain | 2 | setup.gohub.online |
|
| Details | Domain | 2 | gatedailymirror.info |
|
| Details | Domain | 2 | redteamshop.info |
|
| Details | Domain | 2 | ask.thesupporthelp.com |
|
| Details | Domain | 1 | data.supportithelp.com |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 2 | wiki.asp |
|
| Details | File | 172 | dllhost.exe |
|
| Details | File | 7 | coredll.bin |
|
| Details | File | 2 | coredll.dll |
|
| Details | File | 1 | simplified.js |
|
| Details | File | 5 | malware.js |
|
| Details | File | 1 | policy.js |
|
| Details | File | 1 | fileop.bin |
|
| Details | File | 40 | cryptbase.dll |
|
| Details | File | 44 | payload.bin |
|
| Details | File | 1 | prekernel.bin |
|
| Details | File | 1 | msexploit.bin |
|
| Details | File | 1 | atmfont.bin |
|
| Details | File | 25 | config.js |
|
| Details | File | 1 | config2.js |
|
| Details | File | 6 | setup.bin |
|
| Details | File | 1 | arksig.js |
|
| Details | File | 1 | ccmain.cfg |
|
| Details | File | 3 | ccmain.bin |
|
| Details | File | 1206 | index.php |
|
| Details | File | 13 | ip.php |
|
| Details | File | 1 | rdpci21.sys |
|
| Details | File | 1 | kevp.sys |
|
| Details | File | 1 | troj_maload.cfg |
|
| Details | File | 1 | 360verify.dll |
|
| Details | File | 1 | bdlogicutils.dll |
|
| Details | File | 1 | hwsignature.dll |
|
| Details | File | 2 | kdump.dll |
|
| Details | File | 19 | core.dll |
|
| Details | File | 7 | dump.bin |
|
| Details | File | 3 | kernel.bin |
|
| Details | sha1 | 1 | f8ff6f15fe09ad16b234db9e3a746e468abe8b5a |
|
| Details | sha1 | 1 | a62af9e220c47f37fdc7c4c5527c5fc744b82d9f |
|
| Details | sha1 | 1 | 395c9c64426721527effa384afcde57f10e199e6 |
|
| Details | sha1 | 1 | 56e1fafe7b81aab17765c5bd080f93cf2366553a |
|
| Details | sha1 | 1 | 03662ac576ec50d388f87055d2f4295f56f7e682 |
|
| Details | IPv4 | 1 | 144.202.87.106 |
|
| Details | IPv4 | 1 | 103.35.72.231 |
|
| Details | IPv4 | 2 | 103.35.72.223 |
|
| Details | Url | 1 | http://144.202.87.106/index.php |
|
| Details | Url | 1 | http://103.35.72.231/ip.php |