Липкий клон: MimiStick — подражатели или эволюция Sticky Werewolf
Tags
| attack-pattern: | Mmc - T1218.014 |
Common Information
| Type | Value |
|---|---|
| UUID | 057b9372-ec40-4a2b-9c5a-8cfdf49a8816 |
| Fingerprint | d898debb5ba0e463 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 24, 2024, 3:27 p.m. |
| Added to db | Sept. 30, 2024, 2:01 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Липкий клон: MimiStick — подражатели или эволюция Sticky Werewolf |
| Title | Липкий клон: MimiStick — подражатели или эволюция Sticky Werewolf |
| Detected Hints/Tags/Attributes | 17/1/48 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://habr.com/ru/companies/f_a_c_c_t/news/845766/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | techitzone.ru |
|
| Details | Domain | 1 | about-tech.ru |
|
| Details | Domain | 1 | orkprank.ru |
|
| Details | Domain | 1 | borosan.ru |
|
| Details | Domain | 1 | mysafer.ru |
|
| Details | Domain | 1 | rtxcore.ru |
|
| Details | Domain | 1 | min-trud-gov.ru |
|
| Details | Domain | 1 | min-trud.gov |
|
| Details | Domain | 246 | mail.ru |
|
| Details | 1 | info@min-trud-gov.ru |
||
| Details | 1 | min-trud.gov@mail.ru |
||
| Details | File | 409 | c:\windows\system32\cmd.exe |
|
| Details | File | 1 | th.txt |
|
| Details | File | 1 | ce%h%tutil.exe |
|
| Details | File | 1 | xkiq.txt |
|
| Details | File | 1 | wqhe.exe |
|
| Details | File | 226 | certutil.exe |
|
| Details | File | 1 | c:\users\admin\appdata\local\temp\th.txt |
|
| Details | File | 1 | c:\users\admin\appdata\local\temp\xkiq.txt |
|
| Details | File | 1 | %temp%\xkiq.txt |
|
| Details | File | 1 | %temp%\wqhe.exe |
|
| Details | File | 1 | %temp%\17_09_2024_0.pdf |
|
| Details | File | 1 | 25-09-2024.7z |
|
| Details | File | 1 | 17_09_2024.pdf |
|
| Details | File | 20 | stage2.exe |
|
| Details | File | 3 | 1.7z |
|
| Details | md5 | 1 | 79e8525ffb6903067c0a8452be73594c |
|
| Details | md5 | 1 | 0756de02dd3b4be840d31c8871148f7f |
|
| Details | md5 | 1 | 873454911a81a6c892838c44cbb3059b |
|
| Details | md5 | 1 | 7e151444c98ef2cf084eed8e6d4be807 |
|
| Details | md5 | 1 | 5ed144351c41eb690d86c523690eb265 |
|
| Details | md5 | 1 | 725e5068bd68c3d055f3a814f402a8be |
|
| Details | md5 | 1 | 67aa63c4518a3604e37f89ad0d39a34d |
|
| Details | sha1 | 1 | 3100e869b1052dee920f7f2ca35da60abdf5aac0 |
|
| Details | sha1 | 1 | 3fba74f0f7f91f665ad68db9004f1fec3486595b |
|
| Details | sha1 | 1 | 2849ad434d55b8f2bc067c37903b5ff5bad01dbd |
|
| Details | sha1 | 1 | efd81a26fd43124d435bc0223c5f42839f793d42 |
|
| Details | sha1 | 1 | e8ba03b13f9b51abcc9a539d09f98b61b2b4ccd0 |
|
| Details | sha1 | 1 | c15716d127961eb1ca4c4d6192af6e1c5c8a2d8d |
|
| Details | sha256 | 1 | 5ad093aa3eaf2bb76003f8f2f9de9b1368640aa320fa8d77df2c773f75186a71 |
|
| Details | sha256 | 1 | 3877f9fd6b21ee735130421dcf997cf000ae66b20a1c6a490f23431b2f95fa90 |
|
| Details | sha256 | 1 | 65096aa2895025d94b934eb4198ea160e067e8e5c97d9ea252cb2de3870b7b2f |
|
| Details | sha256 | 1 | 8d83a598aa61a3f2e61bfdcdfc7b29b4c8d357eb43562d349053defa1ce50d78 |
|
| Details | sha256 | 1 | ff16334c4cbbfed4bfca23436493397d0465c643cce6cbe41426067bb1ce14ff |
|
| Details | sha256 | 1 | b262dd5373213c5af573a08b409f8142c7f9f92b19536d7d78b4515d23452321 |
|
| Details | IPv4 | 1 | 193.124.33.141 |
|
| Details | IPv4 | 1 | 213.183.54.123 |
|
| Details | Url | 1 | https://213.183.54.123:8444/inter-regular.woff/-eebejb0dx9dbuihje0hjqoeoekolr-p4xek6wsss0tufscidsqyb23qz_pr_6tmamedhpyem74y-_jv0fo3t12fkp7bqwukhcqkeciyya1oqhgzh9qfrivkgm0n3jnnc1zqenuj-d2ndxl4aumkrbo7jrdvo6bbxfxw4s |