MATA: Multi-platform targeted malware framework
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 299b3828-b8b9-47ac-9b78-0e3faf09fd8b |
| Fingerprint | d53c1b598ca3a4db |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 22, 2020, 10 a.m. |
| Added to db | Sept. 11, 2022, 12:40 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | MATA: Multi-platform targeted malware framework |
| Title | MATA: Multi-platform targeted malware framework |
| Detected Hints/Tags/Attributes | 80/2/94 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 38 | cve-2019-3396 |
|
| Details | Domain | 1 | init.pid |
|
| Details | Domain | 5 | tinkaotp.app |
|
| Details | Domain | 359 | com.apple |
|
| Details | Domain | 338 | kaspersky.com |
|
| Details | 147 | intelreports@kaspersky.com |
||
| Details | File | 14 | c:\windows\system32\wbem\wmiprvse.exe |
|
| Details | File | 142 | wmiprvse.exe |
|
| Details | File | 478 | lsass.exe |
|
| Details | File | 1 | mata_plug_cmd.dll |
|
| Details | File | 2125 | cmd.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 1 | mata_plug_process.dll |
|
| Details | File | 1 | mata_plug_testconnect.dll |
|
| Details | File | 1 | mata_plug_webproxy.dll |
|
| Details | File | 1 | mata_plug_file.dll |
|
| Details | File | 1 | mata_plug_load.dll |
|
| Details | File | 1 | mata_plug_p2preverse.dll |
|
| Details | File | 1 | appstotore.db |
|
| Details | File | 1 | rdata.dat |
|
| Details | File | 2 | sdata.dat |
|
| Details | File | 1 | mdata.dat |
|
| Details | File | 1 | ldata.dat |
|
| Details | File | 1 | hdata.dat |
|
| Details | File | 6 | tinkaotp.dmg |
|
| Details | md5 | 1 | 0137f688436c468d43b3e50878ec1a1f |
|
| Details | md5 | 1 | ab09f6a249ca88d1a036eee7a02cdd16 |
|
| Details | md5 | 1 | f364b46d8aafff67271d350b8271505a |
|
| Details | md5 | 1 | 85dcea03016df4880cebee9a70de0c02 |
|
| Details | md5 | 1 | 1060702fe4e670eda8c0433c5966feee |
|
| Details | md5 | 2 | 7b068dfbea310962361abf4723332b3a |
|
| Details | md5 | 1 | 8e665562b9e187585a3f32923cc1f889 |
|
| Details | md5 | 1 | 6cd06403f36ad20a3492060c9dc14d80 |
|
| Details | md5 | 1 | 71d8b4c4411f7ffa89919a3251e6e5cb |
|
| Details | md5 | 1 | a7bda9b5c579254114fab05ec751918c |
|
| Details | md5 | 1 | e58cfbc6e0602681ff1841afadad4cc6 |
|
| Details | md5 | 1 | 7e4e49d74b59cc9cc1471e33e50475d3 |
|
| Details | md5 | 1 | a93d1d5c2cb9c728fda3a5beaf0a0ffc |
|
| Details | md5 | 1 | 455997E42E20C8256A494FA5556F7333 |
|
| Details | md5 | 1 | 7ead1fbba01a76467d63c4a216cf2902 |
|
| Details | md5 | 1 | 7d80175ea344b1c849ead7ca5a82ac94 |
|
| Details | md5 | 1 | bf2765175d6fce7069cdb164603bd7dc |
|
| Details | md5 | 1 | b5d85cfaece7da5ed20d8eb2c9fa477c |
|
| Details | md5 | 1 | 6145fa69a6e42a0bf6a8f7c12005636b |
|
| Details | md5 | 1 | 2b8ff2a971555390b37f75cb07ae84bd |
|
| Details | md5 | 1 | 1e175231206cd7f80de4f6d86399c079 |
|
| Details | md5 | 1 | 65632998063ff116417b04b65fdebdfb |
|
| Details | md5 | 1 | ab2a98d3564c6bf656b8347681ecc2be |
|
| Details | md5 | 1 | e3dee2d65512b99a362a1dbf6726ba9c |
|
| Details | md5 | 1 | fea3a39f97c00a6c8a589ff48bcc5a8c |
|
| Details | md5 | 1 | 2cd1f7f17153880fd80eba65b827d344 |
|
| Details | md5 | 1 | 582b9801698c0c1614dbbae73c409efb |
|
| Details | md5 | 1 | a64b3278cc8f8b75e3c86b6a1faa6686 |
|
| Details | md5 | 1 | ca250f3c7a3098964a89d879333ac7c8 |
|
| Details | md5 | 1 | ed5458de272171feee479c355ab4a9f3 |
|
| Details | md5 | 1 | f0e87707fd0462162e1aecb6b4a53a89 |
|
| Details | md5 | 1 | f1ca9c730c8b5169fe095d385bac77e7 |
|
| Details | md5 | 1 | f50a0cd229b7bf57fcbd67ccfa8a5147 |
|
| Details | md5 | 2 | bea49839390e4f1eb3cb38d0fcaf897e |
|
| Details | md5 | 2 | 8910bdaaa6d3d40e9f60523d3a34f914 |
|
| Details | md5 | 1 | 6a066cf853fe51e3398ef773d016a4a8 |
|
| Details | md5 | 1 | 228998f29864603fd4966cadd0be77fc |
|
| Details | md5 | 2 | da50a7a05abffb806f4a60c461521f41 |
|
| Details | md5 | 2 | ec05817e19039c2f6cc2c021e2ea0016 |
|
| Details | md5 | 2 | 859e7e9a11b37d355955f85b9a305fec |
|
| Details | md5 | 2 | 80c0efb9e129f7f9b05a783df6959812 |
|
| Details | md5 | 1 | d2f94e178c254669fb9656d5513356d2 |
|
| Details | md5 | 1 | 982bf527b9fe16205fea606d1beed7fa |
|
| Details | md5 | 1 | e883bf5fd22eb6237eb84d80bbcf2ac9 |
|
| Details | md5 | 1 | a99b7ef095f44cf35453465c64f0c70c |
|
| Details | md5 | 1 | 199b4c116ac14964e9646b2f27595156 |
|
| Details | md5 | 2 | 81f8f0526740b55fe484c42126cd8396 |
|
| Details | md5 | 3 | f05437d510287448325bac98a1378de1 |
|
| Details | IPv4 | 1 | 108.170.31.81 |
|
| Details | IPv4 | 1 | 192.210.239.122 |
|
| Details | IPv4 | 1 | 111.90.146.105 |
|
| Details | IPv4 | 3 | 104.232.71.7 |
|
| Details | IPv4 | 1 | 107.172.197.175 |
|
| Details | IPv4 | 1 | 111.90.148.132 |
|
| Details | IPv4 | 1 | 172.81.132.41 |
|
| Details | IPv4 | 3 | 172.93.184.62 |
|
| Details | IPv4 | 1 | 172.93.201.219 |
|
| Details | IPv4 | 6 | 185.62.58.207 |
|
| Details | IPv4 | 2 | 198.180.198.6 |
|
| Details | IPv4 | 2 | 209.90.234.34 |
|
| Details | IPv4 | 1 | 216.244.71.233 |
|
| Details | IPv4 | 2 | 23.227.199.53 |
|
| Details | IPv4 | 3 | 23.227.199.69 |
|
| Details | IPv4 | 2 | 23.254.119.12 |
|
| Details | IPv4 | 7 | 67.43.239.146 |
|
| Details | IPv4 | 1 | 68.168.123.86 |
|
| Details | Windows Registry Key | 1 | HKLM\Software\Microsoft\KxtNet |
|
| Details | Windows Registry Key | 1 | HKLM\Software\Microsoft\HlqNet |
|
| Details | Windows Registry Key | 1 | HKLM\Software\mthjk |