Carbanak Group Targets Executives of Financial Organizations in the Middle East
Common Information
| Type | Value |
|---|---|
| UUID | 9f82fec7-5c55-4923-9e39-ac3cadf82e4c |
| Fingerprint | 54418f475b98d7ac6539facd9c97535886c62a6c1bf61805adc3947297a0b83e |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 15, 2016, 2:23 p.m. |
| Added to db | March 12, 2024, 5:43 p.m. |
| Last updated | Aug. 31, 2024, 3:38 a.m. |
| Headline | Carbanak Group Targets Executives of Financial Organizations in the Middle East |
| Title | Carbanak Group Targets Executives of Financial Organizations in the Middle East |
| Detected Hints/Tags/Attributes | 90/3/89 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 30 | cve-2015-2545 |
|
| Details | CVE | 7 | cve-2015-1770 |
|
| Details | CVE | 48 | cve-2015-1641 |
|
| Details | CVE | 18 | cve-2014-6352 |
|
| Details | CVE | 37 | cve-2015-1701 |
|
| Details | Domain | 1 | churchmanarts.com |
|
| Details | Domain | 372 | wscript.shell |
|
| Details | Domain | 1 | damianroz.com |
|
| Details | Domain | 1 | www.carenty44.net |
|
| Details | Domain | 1 | www.googlesswe.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 4 | www.fox-it.com |
|
| Details | Domain | 9 | blog.malwarebytes.org |
|
| Details | Domain | 370 | www.proofpoint.com |
|
| Details | Domain | 2 | godwin231.zapto.org |
|
| Details | Domain | 1 | www.craptioerne.com |
|
| Details | Domain | 1 | www.fenticpayrt.com |
|
| Details | File | 1 | wrong_amoun-01032016.doc |
|
| Details | File | 1 | 1b9d.tmp |
|
| Details | File | 1 | blesx.exe |
|
| Details | File | 57 | system.dll |
|
| Details | File | 1 | stole.dll |
|
| Details | File | 1 | captioned_transactionutrno_fftt16044002829-dtd02032016imagejpg.jar |
|
| Details | File | 98 | download.php |
|
| Details | File | 1 | request_2016-03-05-122839.doc |
|
| Details | File | 1 | 040316.doc |
|
| Details | File | 1 | sexit.exe |
|
| Details | File | 1 | vex.exe |
|
| Details | File | 5 | final.exe |
|
| Details | File | 1 | fend.png |
|
| Details | File | 2 | payment.doc |
|
| Details | File | 5 | carbanak_apt_eng.pdf |
|
| Details | File | 1 | anunak_apt-against-financial-institutions2.pdf |
|
| Details | File | 9 | invoice.doc |
|
| Details | md5 | 1 | 9280fa54ee5ac4bb7ca781d2e1e617ad |
|
| Details | md5 | 1 | 407615ec8c4c4098aba88092611cbd72 |
|
| Details | md5 | 1 | 33808e7f7837323686c10c5da1e60812 |
|
| Details | md5 | 1 | afe041f28004ee667a5683a53532206c |
|
| Details | md5 | 1 | 344b79f93d99317087403e7422b56387 |
|
| Details | md5 | 1 | 05066d4fa6abf69d861cad0537fe1a10 |
|
| Details | md5 | 1 | a066943aef22d6dde725b0334e69cba4 |
|
| Details | md5 | 1 | 436e38af991f79fab037c3e63d4f463c |
|
| Details | md5 | 1 | 155f9a071a3bf46b99c8423de4822651 |
|
| Details | md5 | 1 | 91a124c15668300d7258a6d56eababbd |
|
| Details | md5 | 1 | a56c14acef1e0e2e262b5670e539c000 |
|
| Details | md5 | 1 | 8fdb785edf3e96ef285017894b598596 |
|
| Details | md5 | 1 | ed2bc611cb95d9d988359230e90fd781 |
|
| Details | md5 | 1 | 8fe3e6c3301d959d857b9beb6a704b49 |
|
| Details | sha1 | 1 | 18f29f44d40846850a10f4eb5d217685e5853aca |
|
| Details | sha1 | 1 | 9d1fda93fdc08d28f1ec109cf187bd6b56b011e7 |
|
| Details | sha1 | 1 | 35eff02140b6c8ed8d34cfc40c5032525888632a |
|
| Details | sha1 | 1 | 51758d77f51deacd4366b51628852fcf4405a9e0 |
|
| Details | sha1 | 1 | 978db57a151baab7cf61802e3d6063c6ab25fa84 |
|
| Details | sha256 | 1 | ac63520803ce7f1343d4fa31588c1fef6abb0783980ad0ba613be749815c5900 |
|
| Details | sha256 | 1 | 73259c6eacf212e22adb095647b6ae345d42552911ac93cdf81a3e2005763e74 |
|
| Details | sha256 | 1 | 04e86912d195d9189e64d1ce80374bed3073b0fcb731f3f403822a510e76ebaa |
|
| Details | sha256 | 1 | 2a087005db13302e90156829ce2b03c01063e364da3e3db153e4f47d61038757 |
|
| Details | sha256 | 1 | 04281900f08d55a3adc80182419609faf4c49d260d18496ecb3d3b90caca0612 |
|
| Details | sha256 | 1 | 9758aa737004fc3fc6bc7d535e604324b6e42c7c19459f575083a411a4774b18 |
|
| Details | sha256 | 1 | 86c20c0e0417e73b51241a769164ddb33429a255f40e6bd1c86bed537b2eec1d |
|
| Details | sha256 | 1 | 18f29f44d40846850a10f4eb5d217685e5853acababd08c7fdf4e3106452d33c |
|
| Details | sha256 | 1 | 390cffc97ad6982a3f7c7a1bbbc65bf2abf797267b134a58581b644cb5595f26 |
|
| Details | sha256 | 1 | e8023e1362ee9240658565eabd18405e2694906a521377222984b82fdbb22714 |
|
| Details | sha256 | 1 | a56c14acef1e0e2e262b5670e539c0008fdb785edf3e96ef285017894b598596 |
|
| Details | sha256 | 1 | bf4d24021fa5210eece4dffb7d1c53450c8401b319597669680d69617fa874ba |
|
| Details | IPv4 | 1 | 78.128.92.49 |
|
| Details | IPv4 | 2 | 185.29.9.16 |
|
| Details | IPv4 | 1 | 154.16.138.74 |
|
| Details | IPv4 | 2 | 78.128.92.29 |
|
| Details | IPv4 | 1 | 172.98.202.171 |
|
| Details | IPv4 | 1 | 149.202.29.77 |
|
| Details | IPv4 | 1 | 87.120.37.90 |
|
| Details | IPv4 | 1 | 78.128.92.117 |
|
| Details | IPv4 | 1 | 93.115.38.202 |
|
| Details | IPv4 | 1 | 216.170.118.136 |
|
| Details | IPv4 | 1 | 149.202.29.114 |
|
| Details | Url | 1 | http://78.128.92.49 |
|
| Details | Url | 1 | http://churchmanarts.com/googlesqlz/22t/download.php?file=[base64 |
|
| Details | Url | 1 | http://damianroz.com/22t/download.php?file=[base64 |
|
| Details | Url | 1 | http://154.16.138.74/sexit.exe |
|
| Details | Url | 1 | http://154.16.138.74/vex.exe |
|
| Details | Url | 1 | http://172.98.202.171/famzy/final.exe |
|
| Details | Url | 1 | http://87.120.37.90/fend.png |
|
| Details | Url | 1 | https://securelist.com/files/2015/02/carbanak_apt_eng.pdf |
|
| Details | Url | 1 | https://www.fox-it.com/en/files/2014/12/anunak_apt-against-financial-institutions2.pdf |
|
| Details | Url | 1 | https://blog.malwarebytes.org/intelligence/2015/07/revisiting-the-bunitu-trojan |
|
| Details | Url | 1 | http://churchmanarts.com/googlesqlz/22t/download.php?file= |
|
| Details | Url | 1 | http://damianroz.com/22t/download.php?file=nja0mjgx |
|
| Details | Url | 1 | http://78.128.92.49/blesx.exe |