ioc[.]one - OSINT Cyber Threat Intelligence Database

Dreambot Dropped by HookAds

Tags

attack-pattern:

Show in Graph

Common Information

Type	Value
UUID	397272c3-8a46-4e1e-943a-742560c44507
Fingerprint	68ab645f6ffc4487
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 27, 2017, 1:46 a.m.
Added to db	Jan. 18, 2023, 9:59 p.m.
Last updated	Sept. 5, 2024, 12:50 a.m.
Headline	Dreambot Dropped by HookAds
Title	Dreambot Dropped by HookAds
Detected Hints/Tags/Attributes	15/1/29

Source URLs

	Redirection	Url
Details	Source	https://malwarebreakdown.com/2017/07/27/dreambot-dropped-by-hookads/

URL Provider

Details	Provider	Source level domain
Details	malwarebreakdown.com	malwarebreakdown.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	balkali.info
Details	Domain	5	wdwefwefwwfewdefewfwefw.onion
Details	Domain	35	resolver1.opendns.com
Details	Domain	35	myip.opendns.com
Details	Domain	4	artifacts.zip
Details	File	8	popunder.php
Details	File	1	balkali.inf
Details	File	1	b.avi
Details	File	1	2.css
Details	File	2	countryhits.txt
Details	File	1	164.txt
Details	File	1	164.swf
Details	File	23	o32.tmp
Details	File	1	q1t3ly73.exe
Details	File	1	3.css
Details	File	4	artifacts.zip
Details	sha256	1	5bc5bf65fa088d58df193e99a31d3471cf20aeade39c980362857ccea028d19b
Details	sha256	1	86dfda35f3a035cd1a294fc427d9f2774f75fbda687902f261f2cf8d215938ff
Details	sha256	1	87a3d00fe14e3a773e905c00cc3a912999d41a3fcf4093fbec7c0c5ebae7bb77
Details	sha256	1	b97163074bc8bb1893310e27aa673cbb89ae0ac9b88fad149fe2bfe9adcf4897
Details	sha256	1	82a322e80c3cc0645123812b8933bad1e88f164b82a649167bbca4028809ff13
Details	sha256	1	c3680493f64fce0dfe7cfa77a752ec15baa31c9ad5f76d5156fa6a465a399623
Details	sha256	2	4384458b9c3f09af64f386552588ea9b35e4aa7438bbb515dadf4b4619e10820
Details	sha256	1	939ca8ad0e3c61b471d7fd918f4701e548f98084ff461fa7c897191b0f778fa4
Details	IPv4	10	80.77.82.41
Details	IPv4	1	188.225.33.164
Details	IPv4	1	104.223.89.174
Details	IPv4	18	193.23.244.244
Details	IPv4	5	76.73.17.194