Rewterz Threat Alert – Latest AgentTesla Malware – IOCs - Rewterz
Tags
attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Denial Of Service |
Common Information
Type | Value |
---|---|
UUID | 092145f4-5c0d-44ba-aa59-286e3b05e377 |
Fingerprint | 8330b1516f15c74f |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | June 23, 2020, 11:55 a.m. |
Added to db | Dec. 19, 2024, 5:03 p.m. |
Last updated | Dec. 19, 2024, 8:37 p.m. |
Headline | Rewterz Threat Alert – Latest AgentTesla Malware – IOCs |
Title | Rewterz Threat Alert – Latest AgentTesla Malware – IOCs - Rewterz |
Detected Hints/Tags/Attributes | 20/1/20 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 3 | cve-2020-10781 |
|
Details | Domain | 10 | webcam.it |
|
Details | Domain | 2 | firewallinternationalgatewayforoffcefile.duckdns.org |
|
Details | Domain | 1 | donya-almesmar.com |
|
Details | Domain | 5 | teknik.io |
|
Details | Domain | 1 | sndykrlssnp4curruptgovernmentagencytlki.duckdns.org |
|
Details | Domain | 1 | chnes29sndyqudusisabadassniggainthebba.duckdns.org |
|
Details | Domain | 3 | abass.ir |
|
Details | Domain | 1 | officedocumentfilesharingcloudbaseservi.duckdns.org |
|
Details | IPv4 | 1 | 101.99.90.91 |
|
Details | Url | 1 | http://firewallinternationalgatewayforoffcefile.duckdns.org/bdo/vbc.exe |
|
Details | Url | 1 | http://firewallinternationalgatewayforoffcefile.duckdns.org/window/big.exe |
|
Details | Url | 1 | http://firewallinternationalgatewayforoffcefile.duckdns.org/bg/vbc.exe |
|
Details | Url | 1 | http://101.99.90.91/ulaj7qh36z7nsmo.exe |
|
Details | Url | 1 | http://donya-almesmar.com/vendor/symfony/finder/exception/files/whee.exe |
|
Details | Url | 1 | https://u.teknik.io/uvwcw.txt |
|
Details | Url | 1 | http://sndykrlssnp4curruptgovernmentagencytlki.duckdns.org/krldoc/regasm.exe |
|
Details | Url | 1 | http://chnes29sndyqudusisabadassniggainthebba.duckdns.org/secure/svchost.exe |
|
Details | Url | 1 | http://abass.ir/mazx/mazx.exe |
|
Details | Url | 1 | http://officedocumentfilesharingcloudbaseservi.duckdns.org/big/vbc.exe |