I got infected by a trojan probably - Virus, Trojan, Spyware, and Malware Removal Help
Common Information
Type Value
UUID 285678cf-a956-44e0-ab03-12a0c2ed8195
Fingerprint 6f512b26ff4ece97
Analysis status DONE
Considered CTI value 0
Text language
Published May 3, 2023, 6:28 p.m.
Added to db May 4, 2023, 1:47 a.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline I got infected by a trojan probably
Title I got infected by a trojan probably - Virus, Trojan, Spyware, and Malware Removal Help
Detected Hints/Tags/Attributes 53/2/125
Attributes
Details Type #Events CTI Value