VMware Exposing Malware In Linux Based Multi Cloud Environments
Common Information
Type Value
UUID cde1bbc1-daf0-4eaf-8e79-ffea841fb609
Fingerprint 3df0c487c63e29aabef8e83159b9674c1ff18300acd22d29c10c9512bdb79c5f
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 8, 2022, 2:13 p.m.
Added to db April 14, 2024, 12:58 a.m.
Last updated Aug. 31, 2024, 6:05 a.m.
Headline VMware Exposing Malware In Linux Based Multi Cloud Environments
Title VMware Exposing Malware In Linux Based Multi Cloud Environments
Detected Hints/Tags/Attributes 264/4/85
Attributes
Details Type #Events CTI Value
Details File 1 tm.gif
Details File 8 updates.rss
Details File 10 visit.js
Details File 18 ga.js
Details File 3 l.js
Details File 2 t.xml
Details File 1 gigabigsvc.dll
Details MITRE ATT&CK Techniques 42 T1027.005
Details MITRE ATT&CK Techniques 1006 T1082
Details MITRE ATT&CK Techniques 504 T1140
Details MITRE ATT&CK Techniques 585 T1083
Details MITRE ATT&CK Techniques 120 T1129
Details MITRE ATT&CK Techniques 245 T1016
Details MITRE ATT&CK Techniques 97 T1497.001
Details MITRE ATT&CK Techniques 107 T1496
Details Pdb 1 c:\workspace\spy\cobaltstrike-client-vc2008\release\gigabigsvc.pdb
Details Threat Actor Identifier - APT 522 APT41