A New Look at Old Dragonfly Malware (Goodor) – One Night in Norfolk
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 1caf585a-eafc-4a99-a29e-00096d46810b
Fingerprint ac829b172d77938b
Analysis status DONE
Considered CTI value 2
Text language
Published March 30, 2020, 3:45 a.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Sept. 2, 2024, 1:59 a.m.
Headline A New Look at Old Dragonfly Malware (Goodor)
Title A New Look at Old Dragonfly Malware (Goodor) – One Night in Norfolk
Detected Hints/Tags/Attributes 51/2/18
Source URLs
Redirection Url
Details Source https://norfolkinfosec.com/a-new-look-at-old-dragonfly-malware-goodor/
URL Provider
Details Provider Source level domain
Details norfolkinfosec.com norfolkinfosec.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 440 One Night in Norfolk https://norfolkinfosec.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 1 
ntdll_installer.exe
Details File 1 
%appdata%\nt\ntdll.exe
Details File 3 
ntdll.exe
Details File 1 
defaultform.txt
Details File 2 
defaultform.aspx
Details md5 1 
f2edff3d0e5a909c8d05b04905642105
Details md5 1 
073d7bac5d624bb40adbb25f55eb693d
Details md5 2 
8943E71A8C73B5E343AA9D2E19002373
Details md5 1 
ca818c14f69bef7695c0e2ff127e6d9b
Details sha1 1 
c8c8329449c18445330903dd6a59d0b4098d9670
Details sha1 1 
115d12e0fb73445a788ebe7bdf3cab552b3cb9af
Details sha256 1 
5a7ace894461c2432fe9b52254cbc5c3f5bbce0c91a416154511a554dba6f913
Details sha256 1 
b5278301da06450fe4442a25dda2d83d21485be63598642573f59c59e980ad46
Details IPv4 2 
176.53.11.130
Details IPv4 2 
82.222.188.18
Details IPv4 2 
130.25.10.158
Details IPv4 2 
41.205.61.221
Details IPv4 2 
5.150.143.107