Operation Woolen-Goldfish
Common Information
Type Value
UUID b71e58e6-b8cf-4993-a49c-5e98d8c4152d
Fingerprint 59f4e01c2cbca97b6287393c406a64a89a24ad7645eb06cdea58fc162e2fbd86
Analysis status DONE
Considered CTI value 2
Text language
Published March 19, 2015, 3:58 p.m.
Added to db March 10, 2024, 12:27 a.m.
Last updated Aug. 31, 2024, 3:10 a.m.
Headline Operation Woolen-Goldfish
Title Operation Woolen-Goldfish
Detected Hints/Tags/Attributes 114/3/97
Attributes
Details Type #Events CTI Value
Details Autonomous System Number 1
AS32475
Details Email 1
mehdi_mahdavi@yahoo.com
Details Email 1
technical@joinebiz.com
Details File 1205
index.php
Details File 1
program.ppt
Details File 193
ntuser.dat
Details File 1
%temp%\ntsuser.exe
Details File 2
wsc.vbs
Details File 3
wlg.dat
Details Pdb 2
cwoolger.pdb
Details Url 1
http://www.cplusplus.com/reference/ctime/tm
Details Url 2
https://www.youtube.com/watch?v=wihkovlhdj0
Details Url 1
http://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware
Details Url 4
https://www.virustotal.com/.
Details Url 1
http://securityaffairs.co/wordpress/28170/cyber-crime/gholee-malware.
Details Url 1
http://av.zerodays.ir/.
Details Url 1
http://www.iabg.de/en/.