Infostealer Distributed via CHM Files - ASEC BLOG
Common Information
Type Value
UUID 2ad7e5fd-a232-4d56-8d6a-a5035145cd87
Fingerprint cc6599f6497307e3
Analysis status DONE
Considered CTI value 2
Text language
Published July 28, 2023, 8:30 a.m.
Added to db July 28, 2023, 2 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Infostealer Distributed via CHM Files
Title Infostealer Distributed via CHM Files - ASEC BLOG
Detected Hints/Tags/Attributes 32/2/38
Attributes
Details Type #Events CTI Value
Details Domain 189
asec.ahnlab.com
Details File 34
hh.exe
Details File 50
alg.exe
Details File 4
docs.js
Details File 2
ueh5j.html
Details Url 1
https://asec.ahnlab.com/en/?p=55569&preview=true