When Threat Actors Fly Under the Radar: Vatet, PyXie and Defray777
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 30451c9f-30ed-4f23-8c5a-a893eb759b81 |
| Fingerprint | 83903edb841d8702 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 7, 2020, 2:15 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | When Threat Actors Fly Under the Radar: Vatet, PyXie and Defray777 |
| Title | When Threat Actors Fly Under the Radar: Vatet, PyXie and Defray777 |
| Detected Hints/Tags/Attributes | 74/1/24 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://unit42.paloaltonetworks.com/vatet-pyxie-defray777/3 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 38 | ntdetect.com |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 229 | advapi32.dll |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 3 | wefault.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 11 | vmnat.exe |
|
| Details | File | 351 | recycle.bin |
|
| Details | File | 101 | iconcache.db |
|
| Details | File | 143 | thumbs.db |
|
| Details | File | 17 | debug.txt |
|
| Details | File | 120 | boot.ini |
|
| Details | File | 196 | desktop.ini |
|
| Details | File | 243 | autorun.inf |
|
| Details | File | 193 | ntuser.dat |
|
| Details | File | 90 | bootfont.bin |
|
| Details | File | 99 | bootsect.bak |
|
| Details | File | 20 | cipher.exe |
|
| Details | File | 18 | fsutil.exe |
|
| Details | File | 43 | wbadmin.exe |
|
| Details | File | 105 | bcdedit.exe |
|
| Details | File | 249 | schtasks.exe |
|
| Details | File | 95 | wevtutil.exe |