Analyzing ISFB – The Second Loader | 0ffset Training Solutions
Tags
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 2d2b1263-1762-42ef-b6e5-ac17df2e65e4
Fingerprint 9a001001a83d8b8d
Analysis status DONE
Considered CTI value 2
Text language
Published May 25, 2019, 9:10 p.m.
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 18, 2024, 10:24 a.m.
Headline UNKNOWN
Title Analyzing ISFB – The Second Loader | 0ffset Training Solutions
Detected Hints/Tags/Attributes 70/1/14
Source URLs
Redirection Url
Details Source https://0ffset.net/reverse-engineering/malware-analysis/analyzing-isfb-second-loader/
URL Provider
Details Provider Source level domain
Details 0ffset.net 0ffset.net
Attributes
Details Type #Events CTI Value
Details Domain 1 
qfelicialew.city
Details Domain 1 
mzg4958lc.com
Details Domain 1 
gxuxwnszau.band
Details File 41 
rpcrt4.dll
Details File 1 
13jcv.avi
Details File 1260 
explorer.exe
Details File 31 
c:\windows\system32\wbem\wmic.exe
Details File 2129 
cmd.exe
Details File 2 
'.avi
Details File 76 
ping.exe
Details md5 2 
52b4480de6f4d4f32fba2b535941c284
Details md5 1 
8ab8bbedf455b2544c3b5e2514f9de84
Details md5 1 
14373f33e1907b5d82747bed1f1aacaf
Details md5 1 
468d291ca5e63470a351ac73ff3621ba