Dissecting Greenburg Campaign Ismdoor and Shamoon / Disttrack.B
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 31bcd420-dc53-4d8f-9f9b-9a67f41334d8 |
| Fingerprint | b34309526de50090 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 30, 2017, 1:48 a.m. |
| Added to db | Jan. 18, 2023, 7:56 p.m. |
| Last updated | Oct. 1, 2024, 2:29 p.m. |
| Headline | Deriving Cyber Threat Intelligence and Driving Threat Hunting |
| Title | Dissecting Greenburg Campaign Ismdoor and Shamoon / Disttrack.B |
| Detected Hints/Tags/Attributes | 0/0/12 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | blog.vectranetworks.com |
|
| Details | Domain | 4 | www.tofinosecurity.com |
|
| Details | File | 1 | tmp765643.txt |
|
| Details | File | 1 | tmpfiles.txt |
|
| Details | File | 1 | c:\ddd\wer2.txt |
|
| Details | File | 1 | %localappdata%\microsoft\windows\jtmp765643.txt |
|
| Details | File | 1 | %localappdata%\microsoft\windows\tmp765643.txt |
|
| Details | File | 1 | tmp9932u1.bat |
|
| Details | File | 1 | tmp43hh11.txt |
|
| Details | File | 4 | x.dat |
|
| Details | File | 1 | restartremove-2.txt |
|
| Details | File | 1 | range%dsystemism.exe |