ioc[.]one - OSINT Cyber Threat Intelligence Database

XDDown Downloader Malware Tool Threat Intel Advisory | Threat Intelligence | CloudSEK

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Direct Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	01395677-1493-4693-a1ee-edd5aa4435b2
Fingerprint	f7bb7d4ff4e3aac1
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 4, 2020, midnight
Added to db	Nov. 19, 2023, 5:58 a.m.
Last updated	Sept. 4, 2024, 8:21 a.m.
Headline	XDDown Downloader Malware Tool Threat Intel Advisory
Title	XDDown Downloader Malware Tool Threat Intel Advisory \| Threat Intelligence \| CloudSEK
Detected Hints/Tags/Attributes	40/2/37

Source URLs

	Redirection	Url
Details	Source	https://www.cloudsek.com/threatintelligence/xddown-downloader-malware-tool-threat-intel-advisory

URL Provider

Details	Provider	Source level domain
Details	cloudsek.com	www.cloudsek.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	89	✔	CloudSEK Threat Intelligence	https://cloudsek.com/threatintelligence/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	365downloading.com
Details	Domain	1	boborux.com
Details	Domain	1	chtcc.net
Details	Domain	1	cracratutu.com
Details	Domain	1	daftsync.com
Details	Domain	1	documentsklad.com
Details	Domain	2	download-365.com
Details	Domain	1	downloadsprimary.com
Details	Domain	1	dropsklad.com
Details	Domain	1	easytosay.org
Details	Domain	1	ferrariframework.com
Details	Domain	1	file-download.org
Details	Domain	1	filedownload.email
Details	Domain	1	getthatupdate.com
Details	Domain	1	jerseygameengine.com
Details	Domain	1	maiwegwurst.com
Details	Domain	1	migration-info.com
Details	Domain	1	minisnowhair.com
Details	Domain	1	nomatterwhat.info
Details	Domain	1	officeupdtcentr.com
Details	Domain	1	seatwowave.com
Details	Domain	1	wildboarcontest.com
Details	Domain	1	forgeron.tk
Details	Domain	1	jahre999.tk
Details	Domain	1	omgtech.000space.com
Details	Domain	1	podzim.tk
Details	Domain	1	porfavor876.tk
Details	Domain	1	replacerc.000space.com
Details	File	1	%appdata%\wininit\winlogon.exe
Details	File	1	nomatterwhat.inf
Details	sha1	1	63b988d0869c6a099c7a57aafea612a90e30c10f
Details	sha1	1	bb7a10f816d6fffecb297d0bae3bc2c0f2f2ffc6
Details	sha1	1	ae34bedbd39da813e094e974a9e181a686d66069
Details	sha1	1	b807756e9cd7d131bd42c2f681878c7855063fe2
Details	IPv4	1	62.213.213.170
Details	IPv4	1	93.63.198.40
Details	IPv4	1	95.215.60.53