malware-ioc/donot at master · eset/malware-ioc
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 14ae2b85-04be-44c3-a1b8-f9a2c82fd169 |
| Fingerprint | b5f80debf4b2ad37 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Jan. 18, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 5:55 p.m. |
| Headline | Donot Team — Indicators of Compromise |
| Title | malware-ioc/donot at master · eset/malware-ioc |
| Detected Hints/Tags/Attributes | 15/1/60 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/eset/malware-ioc/tree/master/donot |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | Domain | 2 | request.soundedge.live |
|
| Details | Domain | 2 | share.printerjobs.xyz |
|
| Details | Domain | 2 | submin.seasonsbackup.xyz |
|
| Details | Domain | 2 | request.submitonline.club |
|
| Details | Domain | 2 | oceansurvey.club |
|
| Details | Domain | 2 | firm.tplinkupdates.space |
|
| Details | Domain | 2 | space.lovingallupdates.life |
|
| Details | Domain | 3 | soundvista.club |
|
| Details | Domain | 2 | request.resolverequest.live |
|
| Details | Domain | 2 | digitalresolve.live |
|
| Details | Domain | 2 | printersolutions.live |
|
| Details | Domain | 2 | packetbite.live |
|
| Details | Domain | 2 | biteupdates.live |
|
| Details | Domain | 2 | dataupdates.live |
|
| Details | Domain | 2 | info.printerupdates.online |
|
| Details | Domain | 2 | manage.biteupdates.site |
|
| Details | File | 2 | cdc.dll |
|
| Details | File | 2 | wbiosr.exe |
|
| Details | File | 3 | vdsc.exe |
|
| Details | File | 4 | wuaupdt.exe |
|
| Details | File | 2 | gedit.exe |
|
| Details | File | 2 | wscs.exe |
|
| Details | File | 2 | hxedit.exe |
|
| Details | File | 2 | lmpss.exe |
|
| Details | File | 2 | disc.exe |
|
| Details | File | 6 | 2020.doc |
|
| Details | File | 2 | vbtr.dll |
|
| Details | File | 2 | bcs01276.tmp |
|
| Details | File | 2 | msdn022.dll |
|
| Details | File | 5 | winhlp.exe |
|
| Details | File | 2 | nprint.exe |
|
| Details | File | 2 | innod.exe |
|
| Details | File | 3 | prodot.exe |
|
| Details | File | 3 | apic.dll |
|
| Details | File | 2 | njhy65tg.dll |
|
| Details | File | 2 | rihana.exe |
|
| Details | File | 5 | acrobat.dll |
|
| Details | File | 2 | remember.exe |
|
| Details | File | 2 | forbidden.exe |
|
| Details | File | 2 | serviceup.exe |
|
| Details | File | 2 | srcot.exe |
|
| Details | File | 2 | upsvcsu.exe |
|
| Details | File | 2 | sdudate.exe |
|
| Details | File | 2 | ndexid.exe |
|
| Details | File | 2 | ertficial.dll |
|
| Details | File | 2 | msofficedll.dll |
|
| Details | File | 2 | sccmo.exe |
|
| Details | File | 2 | pscmo.exe |
|
| Details | File | 6 | 21.doc |
|
| Details | File | 2 | ctlm.dll |
|
| Details | File | 2 | jptvbh.exe |
|
| Details | File | 2 | henos.dll |
|
| Details | File | 2 | plaapas.exe |
|
| Details | File | 2 | javatemp.exe |
|
| Details | File | 2 | pytemp.exe |
|
| Details | IPv4 | 2 | 80.255.3.67 |
|
| Details | IPv4 | 2 | 37.48.122.145 |
|
| Details | IPv4 | 2 | 37.120.198.208 |
|
| Details | IPv4 | 2 | 51.38.85.227 |