Sodinokibi ransomware exploits CVE-2018-8453 to launch attacks and spread
Common Information
Type Value
UUID abab0b0d-3771-4e66-b06f-76870dca7c7d
Fingerprint 2430ee6d9ae14cf3a7ee987189550e5bcf85403c0e6eaed792af73e0b310a892
Analysis status DONE
Considered CTI value 2
Text language
Published June 11, 2020, 11:08 a.m.
Added to db March 9, 2024, 11:41 p.m.
Last updated Aug. 30, 2024, 10:24 p.m.
Headline Sodinokibi ransomware exploits CVE-2018-8453 to launch attacks and spread
Title Sodinokibi ransomware exploits CVE-2018-8453 to launch attacks and spread
Detected Hints/Tags/Attributes 1/0/35
Attributes
| Type | #Events | CTI | Value |
|---|---|---|---|
| CVE | 49 | | cve-2018-8453 |
| CVE | 66 | | cve-2019-2725 |
| Domain | 1 | | ooloolabc.com |
| File | 1 | | usually uses powershell.exe |
| File | 1 | | or certutil.exe |
| File | 1 | | 이미지.jpg |
| File | 1 | | 0508.doc |
| File | 1 | | aoofof.exe |
| File | 1 | | wolf.exe |
| File | 1 | | fox.exe |
| File | 3 | | dog.exe |
| File | 1 | | ment.exe |
| File | 13 | | office.exe |
| File | 2 | | untitled.exe |
| File | 3 | | radm.exe |
| File | 1 | | horse.exe |