Análisis de Malware en python servido desde Gitlab.com
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 0f8bccfe-5154-49e8-8769-53a71aa668a1
Fingerprint 7812dc41a68057f7
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 12, 2023, 10:01 a.m.
Added to db Aug. 12, 2023, 12:31 p.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Análisis de Malware en python servido desde Gitlab.com
Title Análisis de Malware en python servido desde Gitlab.com
Detected Hints/Tags/Attributes 38/2/44
Source URLs
Redirection Url
Details Source https://medium.com/@ic3_2k/an%C3%A1lisis-de-malware-en-python-servido-desde-gitlab-com-c90741e130a1?source=rss------cybersecurity-5
URL Provider
Details Provider Source level domain
Details medium.com medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 67 
gitlab.com
Details Domain 19 
document.zip
Details Domain 2 
libb1.py
Details Domain 46 
datetime.now
Details Domain 123 
ipinfo.io
Details Domain 2 
now.day
Details Domain 2 
adsmanager.facebook.com
Details Domain 71 
aes.new
Details Domain 145 
api.telegram.org
Details Domain 2 
screenshot.save
Details File 1 
c:\users\public\pub.bat
Details File 1209 
powershell.exe
Details File 1 
c:\users\public\publicc.bat
Details File 1 
publicc.bat
Details File 2 
windowssecure.bat
Details File 1 
python310__1___1_.zip
Details File 2 
c:\\users\\public\\document.zip
Details File 1 
c:\\users\\public\\document\\libb1.py
Details File 1 
c:\\users\\public\\document\\python c:\\users\\public\\document\\libb1.py
Details File 2 
libb1.py
Details File 16 
document.zip
Details File 7 
platform.pl
Details File 124 
os.sys
Details File 271 
chrome.exe
Details File 22 
cursor.exe
Details File 39 
pass.txt
Details File 1 
cursor_credit.exe
Details File 1 
credit.txt
Details File 1 
cursor2.exe
Details File 1 
x.json
Details File 1 
cookiefb.txt
Details File 15 
screenshot.png
Details File 2 
c:\users\public\document.zip
Details Gitlab username 1 
ffhfghgh03
Details Url 1 
https://gitlab.com/ffhfghgh03/03pro03/-/raw/main/bat1008di1
Details Url 1 
https://gitlab.com/ffhfghgh03/03pro03
Details Url 1 
https://gitlab.com/ffhfghgh03/03pro03/-/raw/main/startu
Details Url 1 
https://gitlab.com/ffhfghgh03/03pro03/-/raw/main/python310__1___1_.zip
Details Url 1 
https://gitlab.com/ffhfghgh03/03pro03/-/raw/main/bot1008di1
Details Url 1 
https://ipinfo.io").text
Details Url 1 
https://adsmanager.facebook.com/adsmanager/manage
Details Url 1 
https://adsmanager.facebook.com/adsmanager/manage/campaigns?act={idx}
Details Url 1 
https://graph.facebook.com/v16.0
Details Url 33 
https://api.telegram.org/bot