Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi
Common Information
| Type | Value |
|---|---|
| UUID | f7320e0d-98d5-4517-a5e3-5bdbc82eb2bc |
| Fingerprint | 56d35e664e9b1964e7a251339acaa99ab7564ba0ed3d16b1eb2aa4b389bfbcb9 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 4, 2019, 5:24 p.m. |
| Added to db | April 14, 2024, 10:47 a.m. |
| Last updated | Aug. 30, 2024, 10:49 p.m. |
| Headline | Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi |
| Title | Latest Spam Campaigns from TA505 Now Using New Malware Tools Gelup and FlowerPippi |
| Detected Hints/Tags/Attributes | 62/3/14 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | krselectrical.co.uk |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | File | 27 | computerdefaults.exe |
|
| Details | File | 18 | winsat.exe |
|
| Details | File | 17 | propsys.dll |
|
| Details | File | 2 | schetasks.exe |
|
| Details | File | 1 | c:\windows\api.config |
|
| Details | File | 1 | %temp%\up.config |
|
| Details | File | 351 | recycle.bin |
|
| Details | File | 1 | c:\windows \system32\computerdefaults.exe |
|
| Details | File | 2 | c:\windows\write.exe |
|
| Details | File | 2126 | cmd.exe |
|
| Details | md5 | 1 | 736769476A5162373558736B71703962 |
|
| Details | Url | 1 | http://krselectrical.co.uk/pes1.exe |