Cybercriminals switch from MBR to NTFS
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001 Rootkit - T1014 Rootkit
Show in Graph
Common Information
Type Value
UUID 16d3f1a2-2fb0-4109-90cd-e1d5ebd7cf15
Fingerprint a784ce7acd3ebd8f
Analysis status DONE
Considered CTI value 0
Text language
Published July 6, 2011, 3:40 p.m.
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Cybercriminals switch from MBR to NTFS
Title Cybercriminals switch from MBR to NTFS
Detected Hints/Tags/Attributes 19/2/6
Source URLs
Redirection Url
Details Source https://securelist.com/cybercriminals-switch-from-mbr-to-ntfs-2/29117/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
trojan.win32.ddox.ci
Details File 1122 
svchost.exe
Details File 263 
iexplore.exe
Details File 199 
firefox.exe
Details File 73 
opera.exe
Details File 271 
chrome.exe