Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys
Tags
attack-pattern: Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 0f139c15-9f9f-4cb2-ad82-69b3c90079d1
Fingerprint a525270d86beaf1a
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 13, 2023, 11:22 p.m.
Added to db Feb. 14, 2023, 3:08 p.m.
Last updated Nov. 17, 2024, 6:30 p.m.
Headline Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys
Title Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys
Detected Hints/Tags/Attributes 17/1/3
Source URLs
Redirection Url
Details Source https://www.hackread.com/typosquatting-abquery-package-aabquerys/
URL Provider
Details Provider Source level domain
Details hackread.com www.hackread.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 707 
google.com
Details File 1 
wscproxy.exe
Details File 6 
demon.bin