StealC Delivered via Deceptive Google Sheets
Common Information
Type Value
UUID 38b99803-fb38-4e1c-8799-c57856d205ae
Fingerprint 5673995bfbf4f3c
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 20, 2023, midnight
Added to db Oct. 24, 2023, 1:15 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline StealC Delivered via Deceptive Google Sheets
Title StealC Delivered via Deceptive Google Sheets
Detected Hints/Tags/Attributes 70/3/27
Attributes