Cisco AMP tracks new campaign that delivers Ursnif
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 25a56a28-4cc2-45cb-ab9b-1960adb3382d |
| Fingerprint | 8e0b189308b55729 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 24, 2019, 1:39 p.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Vulnerability Information |
| Title | Cisco AMP tracks new campaign that delivers Ursnif |
| Detected Hints/Tags/Attributes | 45/1/127 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.talosintelligence.com/2019/01/amp-tracks-ursnif.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | levocumbut.com |
|
| Details | Domain | 1 | rapworeepa.com |
|
| Details | Domain | 1 | wegatamata.com |
|
| Details | Domain | 1 | roevinguef.com |
|
| Details | Domain | 1 | pivactubmi.com |
|
| Details | Domain | 1 | biesbetiop.com |
|
| Details | Domain | 1 | navectrece.com |
|
| Details | Domain | 1 | yancommato.com |
|
| Details | Domain | 1 | dewirasute.com |
|
| Details | Domain | 1 | ptyptossen.com |
|
| Details | Domain | 1 | mochigokat.com |
|
| Details | Domain | 1 | tubpariang.com |
|
| Details | Domain | 1 | zardinglog.com |
|
| Details | Domain | 1 | abregeousn.com |
|
| Details | Domain | 1 | aplatmesse.com |
|
| Details | Domain | 1 | abeelepach.com |
|
| Details | Domain | 1 | teomengura.com |
|
| Details | Domain | 1 | allooalel.club |
|
| Details | Domain | 1 | nublatoste.com |
|
| Details | Domain | 1 | ledibermen.com |
|
| Details | Domain | 1 | lootototic.com |
|
| Details | Domain | 1 | acnessempo.com |
|
| Details | Domain | 1 | usteouraph.com |
|
| Details | Domain | 1 | izzlebutas.com |
|
| Details | Domain | 1 | sfernacrif.com |
|
| Details | Domain | 1 | isatawatag.com |
|
| Details | Domain | 1 | duenexacch.com |
|
| Details | Domain | 1 | kyllborena.com |
|
| Details | Domain | 1 | bawknogeni.com |
|
| Details | Domain | 1 | kicensinfa.com |
|
| Details | Domain | 1 | uvuladitur.com |
|
| Details | File | 31 | c:\windows\system32\wbem\wmic.exe |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 13 | data.php |
|
| Details | File | 18 | makecab.exe |
|
| Details | File | 1 | 137d1dc1.exe |
|
| Details | File | 1 | 1688e8b.exe |
|
| Details | File | 1 | 1bdf65af.exe |
|
| Details | File | 1 | 1cf8f7bb.exe |
|
| Details | File | 1 | 2662438a.exe |
|
| Details | File | 1 | 284ca7b3.exe |
|
| Details | File | 1 | 31d073c1.exe |
|
| Details | File | 1 | 3209f93c.exe |
|
| Details | File | 1 | 3d4480c4.exe |
|
| Details | File | 1 | 3fabbd27.exe |
|
| Details | File | 1 | 40dc969c.exe |
|
| Details | File | 1 | 4d46c42f.exe |
|
| Details | File | 1 | 530ddba6.exe |
|
| Details | File | 1 | 56ef205c.exe |
|
| Details | File | 1 | 58b00f30.exe |
|
| Details | File | 1 | 58f9603c.exe |
|
| Details | File | 1 | 60404124.exe |
|
| Details | File | 1 | 62574d8.exe |
|
| Details | File | 1 | 6420f61f.exe |
|
| Details | File | 1 | 6aad9e36.exe |
|
| Details | File | 1 | 6ed4c1be.exe |
|
| Details | File | 1 | 71bdcc14.exe |
|
| Details | File | 1 | 75e1d341.exe |
|
| Details | File | 1 | 7bc0a512.exe |
|
| Details | File | 1 | 7df15b.exe |
|
| Details | File | 1 | 8428791f.exe |
|
| Details | File | 1 | 8c1d4ca.exe |
|
| Details | File | 1 | 8d04e64a.exe |
|
| Details | File | 1 | 97729da0.exe |
|
| Details | File | 1 | 97979225.exe |
|
| Details | File | 1 | 9835041d.exe |
|
| Details | File | 1 | 9eb826ef.exe |
|
| Details | File | 1 | a54ab0bc.exe |
|
| Details | File | 1 | a9f1df84.exe |
|
| Details | File | 1 | aa5cc687.exe |
|
| Details | File | 1 | af74ae98.exe |
|
| Details | File | 1 | b034a4.exe |
|
| Details | File | 1 | bb5144e8.exe |
|
| Details | File | 1 | c1a17119.exe |
|
| Details | File | 1 | cbd42398.exe |
|
| Details | File | 1 | cf63b795.exe |
|
| Details | File | 1 | d5e1b91a.exe |
|
| Details | File | 1 | da0170a9.exe |
|
| Details | File | 1 | def4b6bf.exe |
|
| Details | File | 1 | e199be3d.exe |
|
| Details | File | 1 | e5920466.exe |
|
| Details | File | 1 | e7972c72.exe |
|
| Details | File | 1 | f005cb48.exe |
|
| Details | File | 1 | f0107edb.exe |
|
| Details | File | 1 | f2134754.exe |
|
| Details | File | 1 | fa408793.exe |
|
| Details | sha256 | 1 | db7f0dab70e1da8ef7a6a6d938531f2a6773c0c5f925f19874fd3e764aa45833 |
|
| Details | sha256 | 1 | e58827967cba544cc1db3d751095878115f4247982fb514bbd7b98bced8de6c0 |
|
| Details | sha256 | 1 | 3846fe442df0175461081dd63299144a233debbd2453deeeb405126042ef72d1 |
|
| Details | sha256 | 1 | 982cf7af71d0fe54cbdfac74fd2985c48a011e6ffffe65012ee4496bb669b321 |
|
| Details | sha256 | 1 | cbc10db9d7609e548e550e79f45940125895374b9a97e133020d5585bfd183ed |
|
| Details | sha256 | 1 | 2dbd942ac2f0b92d497fa6595f638cbddc24eab8beffb7cc648a91d65b45fa09 |
|
| Details | sha256 | 1 | 38c459e56997e759ca680f88aae4428d9c76e9fae323b4d2238adf203036007c |
|
| Details | sha256 | 1 | 153c191ef4afd3eba9df89150ac728757efcba1293716c23f019e35270a388c4 |
|
| Details | sha256 | 1 | 95f5f2ecdce872f5b96739f548e4b73bb8b7a2c11c46cfddf3e20fd04abfc091 |
|
| Details | sha256 | 1 | 1cf5de71d51d2769079a8cb64e05f80e72e88846987602ad7302478c0d574caa |
|
| Details | sha256 | 1 | c9f42b866fc203b4cd9d09cfcb0f8fca41097548393c15adb0557652526d818a |
|
| Details | sha256 | 1 | ba332017cbf16842170788f5688e3b8a79c821ef1331e428d77af238c379be4f |
|
| Details | sha256 | 1 | b278b0e63acbbb92396da41bffb99b9ef09dff1b1b838f69e29245c6731269f7 |
|
| Details | sha256 | 1 | b6837f46124a360ffff235824cc1decda2b97d6daf73e80f3615bce7781a86aa |
|
| Details | sha256 | 1 | 12e3140656d7df63a1c444b0ebdae75039a18799e2ebd03a80eeb26ce5dbb66c |
|
| Details | sha256 | 1 | d3383c7ee9704b51b302d7e611214a78050fcc7ad0969682355894af58f63cdf |
|
| Details | sha256 | 1 | 3eff10af3f2afbcf59d5cf77f470abe3cfafbe48255e7f6ea56a22608e332824 |
|
| Details | sha256 | 1 | ad87dcc617e9914e28f76d071b586ac2cca9454078f3141c17e0102c9e2eebaa |
|
| Details | sha256 | 1 | 65f81148184a7ec71a43e9cd50e1267ab3fc64f3ef5f41f9da8bd74000baad30 |
|
| Details | sha256 | 1 | f7cc1b8f93831f7170e5317b5b79aaa9ceb2bc6724f21bc4e2c6cccb71655624 |
|
| Details | sha256 | 1 | d08e92af78cbf7049e8a9ca7b6ab61e8dc42729848e73b980b7cf5ac74d505af |
|
| Details | sha256 | 1 | 1b0b9cfaa78fac0875d10d087b8354d52bffb1f576eec7d49acab9d3394ccd9a |
|
| Details | sha256 | 1 | d48f2cb5cc595f5cea29b7fd2bd8463fdfaf980c48792294ebb4c798516a7eae |
|
| Details | sha256 | 1 | 5a739f018675094baf0b61ff8462b1c946410f4776be877719cb20f9a9c16dfd |
|
| Details | sha256 | 1 | d53ace589ad1a39487f36dd3e516ac2a5af0aec521f28c5b78b3a47636cfb068 |
|
| Details | sha256 | 1 | 0778ef085fdebd39856ebfa4bf1203dcb7ee59fa4fc82a71a2ef3a949143c543 |
|
| Details | sha256 | 1 | 4ffe626708fa6a2d76366a962359658e0d919544260aa2179727964c34e12080 |
|
| Details | sha256 | 1 | 4dedf0b96b253b8fc15b007e4f61eb85d0345ef19f5a1fc6ea0772614375f606 |
|
| Details | sha256 | 1 | f3c7d7c0e71d15dc03614964c887a2459bd0ae4a97a324018a97dff27608e4b2 |
|
| Details | sha256 | 1 | 8b73b12aad16a58d07048a307a7a558755d0f5ca369dbee8b808a9d9c941a25d |
|
| Details | sha256 | 1 | a2ae329bf70c24e4380d6133a4c02127e09597111e4edfd7808aa471450d2332 |
|
| Details | sha256 | 1 | 001f52a0fa8d4abe34bfff6c96b423435c0ad3e06d40ece228fe2db3bc0d1067 |
|
| Details | sha256 | 1 | b4b56db2ce95d52b018edee05f996a1b5ae11a289979e984157a0efb7bbbc9b9 |
|
| Details | sha256 | 1 | 617f1260e18929704c0ef45dae5eee7b9690b7a95f66e76ac00cf9dd2fca465b |
|
| Details | sha256 | 1 | c283c26a991fd3599e8fd91bf059c2dbb07d3d630caf699531c48737faedc325 |
|
| Details | sha256 | 1 | 447f249e60df0324f74a40a4b35f432b2e19f801ce2d4d6efa126a6841836b11 |
|
| Details | sha256 | 1 | d7aeacb2b12cef81315a64670a27575d84ac1af4541000d0093fdb3676afc515 |
|
| Details | sha256 | 1 | d200cbc2b28811bf4762d664a4b3f9f58f6b20af03981910dc2317751f91027d |
|
| Details | sha256 | 1 | b409ee2691e7b2d2598cd01ac28a0914d4778da8d8b7a62d2f78492b14790917 |
|
| Details | sha256 | 1 | e95af1012346ab3edbb365f3463bd060bfa7f194b7c68c8e680dfbde43c57eb7 |
|
| Details | sha256 | 1 | 015e2b8de525789f551abb4af169ad914f218fb07df2496c6f23d51d6a711688 |