ioc[.]one - OSINT Cyber Threat Intelligence Database

Hacked Sites Redirecting Users to Various Malvertising Campaigns

Tags

country:	Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Dns - T1071.004 Dns - T1590.002 Javascript - T1059.007 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Brute Force - T1110

Show in Graph

Common Information

Type	Value
UUID	34e0ae6f-9af3-4f39-a8f9-9df9fcf932b2
Fingerprint	6ca9095d26b7558b
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 18, 2017, 9:53 a.m.
Added to db	Jan. 18, 2023, 9:59 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Hacked Sites Redirecting Users to Various Malvertising Campaigns
Title	Hacked Sites Redirecting Users to Various Malvertising Campaigns
Detected Hints/Tags/Attributes	46/3/69

Source URLs

	Redirection	Url
Details	Source	https://malwarebreakdown.com/2017/04/18/hacked-sites-redirecting-users-to-various-malvertising-campaigns/

URL Provider

Details	Provider	Source level domain
Details	malwarebreakdown.com	malwarebreakdown.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	multitaskcleaners.co.uk
Details	Domain	6	onclkds.com
Details	Domain	1	q4zwp.voluumtrk.com
Details	Domain	1	test.dsatpf.com
Details	Domain	1	dakdji282euijdsnkdlks.com
Details	Domain	1	bestbabynappies.co.uk
Details	Domain	1	edihc.info
Details	Domain	1	add.hellofromyr.com
Details	Domain	9	ip-addr.es
Details	Domain	20	222.222.67.208.in-addr.arpa
Details	Domain	4	aeeeeeeeeeeeeeeeeeeeeeeeeeeeva.onion
Details	Domain	35	resolver1.opendns.com
Details	Domain	35	myip.opendns.com
Details	Domain	1	onclks.com
Details	Domain	3	xml.pdn-1.com
Details	Domain	1	maxpccur890.life
Details	Domain	1	zonsoftlabs.club
Details	Domain	1	ppixeme.com
Details	Domain	1	browserfreezinghome.club
Details	Domain	1	yourdubaid.club
Details	File	1	giftwrap.php
Details	File	218	min.js
Details	File	40	jquery.js
Details	File	5	afu.php
Details	File	19	page.txt
Details	File	52	exploit.swf
Details	File	1	ufyqwfyv.exe
Details	File	1	gz7kfdks.exe
Details	File	1	edihc.inf
Details	File	7	t64.dll
Details	File	3	uaps.txt
Details	File	1	feu7mnl6.exe
Details	File	816	index.html
Details	File	1	adobe_flash_setup_4143195900.exe
Details	File	2	videoplayersetup.exe
Details	sha256	1	0c7fb33247f8a00a64233516290843010d55111796dbfc35e96923f2a324c5ac
Details	sha256	1	c37795cf95f8dff49dc820ec0082c3068f4f2100f692b149f9cc959a95f2402b
Details	sha256	1	558035fe7355b395aa84fac4afdf057d2870f8faf103fbb6bf01fe8c388c3218
Details	sha256	1	e403a4ed18ae417a0e4f8f4e9932e3e837a35b214335b09d2dd5d20e416e8568
Details	sha256	1	37c8b5136c79db202183b3a5b8391fdab1c97e37ed922a5c2cf0647d1d241262
Details	sha256	1	1d2b7a0f565b9041ae88b98b521c2f9eaaab955e0d346c93e07715ae0384e2e5
Details	sha256	1	4d5d79effca33bc2a39d63281aedc71099cd874a1a65e327c1db6b025283795f
Details	sha256	1	6b329227a060275713f6f5c16f9eeab4346d4c09c8daf4f447066592604516a9
Details	sha256	1	61e635861fe6d7e53340a029694972b58526f92c4f33635ba2cf330be42aeb92
Details	sha256	1	73d6f3e619035db9f72c0cd1f89f946ad4fc6f81f564cce448195a70c7bfd33f
Details	IPv4	1	194.58.42.227
Details	IPv4	4	134.249.116.78
Details	IPv4	1	54.219.160.96
Details	IPv4	1	188.225.72.22
Details	IPv4	1	185.118.64.179
Details	IPv4	2	80.77.82.40
Details	IPv4	1	92.53.104.39
Details	IPv4	2	158.69.176.173
Details	IPv4	24	222.222.67.208
Details	IPv4	27	208.67.222.222
Details	IPv4	295	8.8.8.8
Details	IPv4	1	195.59.102.35
Details	IPv4	1	193.111.141.160
Details	IPv4	2	174.137.155.139
Details	IPv4	1	107.180.57.15
Details	IPv4	1	107.180.28.75
Details	IPv4	1	104.16.185.199
Details	IPv4	1	107.180.41.243
Details	IPv4	1	43.255.154.31
Details	IPv4	1	107.180.0.0
Details	Url	1	http://134.249.116.78/jquery.js
Details	Url	1	https://onclkds.com/afu.php?zoneid=1157984
Details	Url	1	http://onclkds.com/afu.php?zoneid=1157980
Details	Url	1	http://onclkds.com/afu.php?zoneid=1157979