Malware spam: "Credit details ID: 87320357" leads to Teslacrypt
Tags
| country: | Hong Kong Saudi Arabia Ukraine |
| attack-pattern: | Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 13196471-7e04-4bb3-8ac3-7e5d98e6ae56 |
| Fingerprint | 1645b8eb2e73858f |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 14, 2016, 3:50 p.m. |
| Added to db | Jan. 18, 2023, 8:26 p.m. |
| Last updated | Sept. 4, 2024, 8:13 p.m. |
| Headline | Dynamoo's Blog |
| Title | Malware spam: "Credit details ID: 87320357" leads to Teslacrypt |
| Detected Hints/Tags/Attributes | 17/2/24 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | giveitallhereqq.com |
|
| Details | Domain | 1 | washitallawayff.com |
|
| Details | Domain | 2 | kel52.com |
|
| Details | Domain | 2 | myredhour.com |
|
| Details | Domain | 4 | controlfreaknetworks.com |
|
| Details | Domain | 4 | sappmtraining.com |
|
| Details | File | 4 | 69.exe |
|
| Details | File | 3 | 80.exe |
|
| Details | File | 1 | binstr.php |
|
| Details | File | 1 | wcspng.php |
|
| Details | IPv4 | 1 | 198.1.95.93 |
|
| Details | IPv4 | 2 | 54.212.162.6 |
|
| Details | IPv4 | 1 | 212.119.87.77 |
|
| Details | IPv4 | 1 | 78.135.108.94 |
|
| Details | IPv4 | 1 | 178.18.99.23 |
|
| Details | IPv4 | 1 | 31.47.179.11 |
|
| Details | IPv4 | 1 | 31.134.39.52 |
|
| Details | IPv4 | 1 | 119.247.218.165 |
|
| Details | IPv4 | 1 | 113.252.180.39 |
|
| Details | IPv4 | 1 | 37.115.24.106 |
|
| Details | IPv4 | 1 | 5.248.2.179 |
|
| Details | IPv4 | 1 | 193.169.134.215 |
|
| Details | IPv4 | 1 | 5.166.207.194 |
|
| Details | IPv4 | 1 | 46.172.219.246 |