Threat Spotlight: Holiday Greetings from Pro PoS – Is your payment card data someone else’s Christmas present?
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 2153b6eb-541c-480a-bc8f-804426294f19 |
| Fingerprint | a2241f1d85139287 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 17, 2015, 11:23 a.m. |
| Added to db | Oct. 9, 2022, 4:13 p.m. |
| Last updated | Nov. 17, 2024, 6:49 p.m. |
| Headline | Vulnerability Information |
| Title | Threat Spotlight: Holiday Greetings from Pro PoS – Is your payment card data someone else’s Christmas present? |
| Detected Hints/Tags/Attributes | 81/2/63 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.talosintelligence.com/2015/12/pro-pos.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | images.cooltext.com |
|
| Details | Domain | 1 | attrition.com |
|
| Details | File | 1 | %appdata%\914785304\ntprovider.exe |
|
| Details | File | 1 | %appdata%\driver.sys |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 1 | %appdata%\installed\windefender.exe |
|
| Details | File | 4 | windefender.exe |
|
| Details | File | 1 | cmdline.dll |
|
| Details | File | 1 | bookmark.dll |
|
| Details | File | 1 | pluzina1.dll |
|
| Details | File | 1 | pluzina2.dll |
|
| Details | File | 1 | pluzina3.dll |
|
| Details | File | 1 | pluzina4.dll |
|
| Details | File | 1 | procs.dll |
|
| Details | File | 1 | realign.dll |
|
| Details | File | 1 | 16edit.dll |
|
| Details | File | 1 | win32_user.pl |
|
| Details | File | 1 | win32_stub.pl |
|
| Details | File | 1 | linux_stub.pl |
|
| Details | File | 1 | wince_stub.pl |
|
| Details | File | 1 | mac_stub.pl |
|
| Details | File | 1 | deviarecom.dll |
|
| Details | File | 1 | deviare2.dll |
|
| Details | File | 83 | sbiedll.dll |
|
| Details | File | 1 | apimonitor-drv-x86.sys |
|
| Details | File | 40 | ollydbg.exe |
|
| Details | File | 9 | peid.exe |
|
| Details | File | 17 | lordpe.exe |
|
| Details | File | 11 | importrec.exe |
|
| Details | File | 1 | cim's.exe |
|
| Details | File | 1 | defixed.exe |
|
| Details | File | 1 | ygs-dox.exe |
|
| Details | File | 5 | ollyice.exe |
|
| Details | File | 1 | hanolly_english.exe |
|
| Details | File | 1 | hanolly.exe |
|
| Details | File | 1 | hanolly_korean.exe |
|
| Details | File | 2 | w32dsm89.exe |
|
| Details | File | 1 | winhex.exe |
|
| Details | File | 2 | hiew32.exe |
|
| Details | File | 2 | xvi32.exe |
|
| Details | File | 11 | idag.exe |
|
| Details | File | 27 | procdump.exe |
|
| Details | File | 29 | filemon.exe |
|
| Details | File | 22 | regmon.exe |
|
| Details | File | 2 | reshacker.exe |
|
| Details | File | 2 | exeinfope.exe |
|
| Details | File | 1 | exescope.exe |
|
| Details | File | 4 | die.exe |
|
| Details | File | 1 | protection_id.exe |
|
| Details | File | 1 | evo_dbg.exe |
|
| Details | File | 6 | sbiectrl.exe |
|
| Details | File | 1 | spystudio.exe |
|
| Details | File | 6 | sbiesvc.exe |
|
| Details | File | 3 | apimonitor-x86.exe |
|
| Details | File | 306 | services.exe |
|
| Details | File | 1 | 4465794.png |
|
| Details | File | 101 | gate.php |
|
| Details | IPv4 | 1 | 190.123.45.139 |
|
| Details | Pdb | 1 | c:\drivers\test\objchk_win7_x86\i386\ssdthook.pdb |
|
| Details | Url | 1 | http://images.cooltext.com/4465794.png |
|
| Details | Url | 1 | http://attrition.com/katrina/gate.php |
|
| Details | Windows Registry Key | 4 | HKLM\HARDWARE\ACPI\DSDT\VBOX__ |
|
| Details | Windows Registry Key | 1 | HKLM\HARDWARE\ACPI\DSDT\AMIBI |