Analysis of the RecordBreaker Infostealer Trojan Spread via Video Websites
Tags
attack-pattern: Software - T1592.002
Common Information
Type Value
UUID 2d722191-d638-4caa-8ebd-845fe86ac0cf
Fingerprint 7d5811bf7ced666e
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2022, midnight
Added to db June 12, 2023, 5:50 p.m.
Last updated Nov. 17, 2024, 6:53 p.m.
Headline Analysis of the RecordBreaker Infostealer Trojan Spread via Video Websites
Title Analysis of the RecordBreaker Infostealer Trojan Spread via Video Websites
Detected Hints/Tags/Attributes 5/1/30
Attributes