ioc[.]one - OSINT Cyber Threat Intelligence Database

Cryptomining Campaign Returns Coal and Not Diamond

Tags

country:	Algeria Czechia India Indonesia Russia Vietnam Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Botnet - T1583.005 Botnet - T1584.005 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Network Security Appliances - T1590.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Windows Service - T1543.003 Tool - T1588.002 New Service - T1050 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	3c02b7a2-8d7f-4fe9-8b4a-db1ad5ca6510
Fingerprint	8f05595b38a6b88d
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 23, 2018, 12:44 p.m.
Added to db	Oct. 9, 2022, 4:17 p.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	Vulnerability Information
Title	Cryptomining Campaign Returns Coal and Not Diamond
Detected Hints/Tags/Attributes	87/3/152

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2018/04/cryptomining-campaign-returns-coal-not-diamond.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	cdn.rmb666.me
Details	Domain	1	btv.vvpool.com
Details	Domain	1	vvpool.com
Details	Domain	904	snort.org
Details	Domain	1	image.cheap2019.com
Details	Domain	1	image.docu2018.com
Details	Domain	1	image.gxb2018.com
Details	Domain	1	image.japchn2018.com
Details	Domain	1	image.pply2018.com
Details	Domain	1	image.succe2018.com
Details	Domain	1	image.yyxp2019.com
Details	Domain	1	img.rmb777.me
Details	Domain	1	1022k.blogspot.com
Details	Domain	1	7mlftakc3qt48.livejournal.com
Details	Domain	1	bbx2018.blogspot.com
Details	Domain	1	bct2018.blogspot.com
Details	Domain	1	btv2018.blogspot.com
Details	Domain	1	check2018.livejournal.com
Details	Domain	1	earthjor.livejournal.com
Details	Domain	1	gba2019.livejournal.com
Details	Domain	1	hbrhzuds1199.livejournal.com
Details	Domain	1	hrb2019.livejournal.com
Details	Domain	1	iphone2019.livejournal.com
Details	Domain	1	kawakaw.livejournal.com
Details	Domain	1	livegoogle.livejournal.com
Details	Domain	1	lovejoin2019.blogspot.com
Details	Domain	1	myinsterschool.blogspot.com
Details	Domain	1	myqnewworld.blogspot.com
Details	Domain	1	nha2019.livejournal.com
Details	Domain	1	talkto2018.livejournal.com
Details	Domain	1	tpshadow66655.livejournal.com
Details	Domain	1	xabx2019.livejournal.com
Details	Domain	1	xmr1022.livejournal.com
Details	Domain	1	xmr1022x.livejournal.com
Details	Domain	1	xmr2019.blogspot.com
Details	Domain	1	xmr2019.livejournal.com
Details	File	1	djkeuihk.sys
Details	File	1	drtoolkrl.sys
Details	File	1260	explorer.exe
Details	File	165	csrss.exe
Details	File	1	calculatorxxxx.exe
Details	File	1	image.doc
Details	File	1	1022s.html
Details	File	1	721.html
Details	File	1	1026i.html
Details	File	1	1027i.html
Details	File	2	blog-post.html
Details	File	1	517.html
Details	File	1	767.html
Details	File	1	799.html
Details	File	1	620.html
Details	File	1	635.html
Details	File	1	594.html
Details	File	1	546.html
Details	File	1	1031.html
Details	File	1	1032.html
Details	File	1	1030.html
Details	File	1	749.html
Details	File	1	518.html
Details	File	1	545.html
Details	File	1	559.html
Details	File	1	763.html
Details	File	1	656.html
Details	File	1	1021s.html
Details	File	1	my-sister.html
Details	File	1	1165.html
Details	File	1	748.html
Details	sha256	1	d90ebf52ad16db60949af988c24a9aaf59994836998ddefb7eadb7b26cecf05c
Details	sha256	1	7dc5f6e0296213b95ac6bbf07812987f681e933de8c41fef43789d01a410e320
Details	sha256	1	b2c497662c1fd004ad97173c95740ee89490dfe34cfae5c898461c108f6539cd
Details	sha256	1	87cdfc90ded55e83948e54ef2d20d78c1ef9d78a8a018c01aa80645fb7eb33ce
Details	sha256	1	838d62a9d978ca5dfbeef50636df6a05ac0377d245b3b9df931a2c2ddb8b9f28
Details	sha256	1	ea828b2250825e3530fa6a889b71aba5fe52bf1aa70cc240b5208fcd57490912
Details	sha256	1	9c45bf161947c7dd7aead23c2de4e806a7e260bd61be99eda0ce674f831c414f
Details	sha256	1	6e9bc99005f7070acd58c873caddcd3fe256bd281f1e7dfb81fbcc4fcdafeddd
Details	sha256	1	19f42d8d1a2b57058f38d62246cb1b7128c43060d2c504d2a52f4ef62e63e1fe
Details	sha256	1	a7c7f4b1751857c4e44b4a81666e10e73808294b9bdbfd9be18865b4612a370e
Details	sha256	1	f514319a8677fa29f0b2179d91fd7b190402de5bc87aca48b1ed2e96ab56905a
Details	sha256	1	d81c1d5f21e66f8fc49123dffb11d23c3d7531a922a7e060dc9455c92cdb8008
Details	sha256	1	d3c30f7339374d96c99df11cb4bbd944f11593a416cb5a67188c0f87e30d6054
Details	sha256	1	0e92454df699cea60df2ca1620ced9ca8e0bec8c6f4424df62b1b8c5e4b2167f
Details	sha256	1	cb48cefc8cdd4856f800b80ab7bb2dd98a5f3e2e83ec11d89f138ef259c324db
Details	sha256	1	d2323e3e850733b32cc72d6f9527181af1e1f13d24fa2bc4e2c2cc14bf148d70
Details	sha256	1	962c723b17d35b83ec52801be82bce4c2ce936c2bc57c82112958b0d32c9db97
Details	sha256	1	ab0b53890ecc5c85f050b18564b953895daec8db75652100639da49a71e538ff
Details	sha256	1	708db4511cb78329caaa50b69ed07ec28208a3bd05aea25f47fe5fe0ae5e2592
Details	sha256	1	c81d032fba5e178b7a264b301aec4399375067fa22ca85a0ab3eef4d06f3cdb0
Details	sha256	1	fff7ba34752cf2ed8e934b826235ea66a701b6a79f15c4e88e692c91e12941fa
Details	sha256	1	934b7cce2c370b5bfcd462e33e55aa45cc25c588361fdb32e7a2670a3acef0e2
Details	sha256	1	ec37f13a40eac500eece7904885ace72ca66fa015293159bba2a33992d2d2a6e
Details	sha256	1	28ed8326bb1c4099e2bd88973e73c4464a46bb35952b4490f7be165491b40da6
Details	sha256	1	0d8969db5bda666b92de13bc0033344ee489c340e02c2667e6fd5a924d52d20c
Details	sha256	1	66908c744a11db8d72ad0b95c41de9fa13cc996c17884a3b39e8fdcd4fee20ee
Details	sha256	1	f98f23c223a498c5687af84cd6c17b853a0abb0458d5606e5b62a3e75b1dbab6
Details	sha256	1	019426698cb1cc733024c38d0d09ff5dcac1ad9cf81d26c092a278f72f131e59
Details	sha256	1	04de0bcd0f61a38f7ffd59c8fb369616a1648e65ea717994dbbef7db1bb6df1d
Details	sha256	1	051825abb810183939cc00055eb841ba4c319c46fbacf30cc2b6ac60fb3305f8
Details	sha256	1	0ace52b5d1847f2fea1f6db75e69215176017d98d113fd7860eab89607e6c955
Details	sha256	1	1648ee9890f17f19b45c751f3bcf898267c7b8a3bb5188138f65b1857e8c9985
Details	sha256	1	1f634c71be6f0615facd7364ed2edb50b388d75ff26e486addafc40ee0f95d89
Details	sha256	1	3163a93a00d5e6c6de4d2d57a4badab0f33c5f27016f3685e5cfd83d0de759dd
Details	sha256	1	32e2f73faf2f8acb68b373ae61cdcb0a72d168be85102e520690bfd64840bb59
Details	sha256	1	4eeb22623b78909c1b6179ce47d1c5130b88d381ba86dc51886b78c03476c2dd
Details	sha256	1	551fd86f19d1980696622dd4cf2535573b8a66f3e4fb0155f8dac919f1f50488
Details	sha256	1	6bde69fb7d35fac40d6e108ce610401eb08c5fc69a481d4cb03483ee3cd9705e
Details	sha256	1	76d419d9a9d047ef19058496bb64c8caf2456a8d76f45a0523b7a5fdce21dd40
Details	sha256	1	7e41a9427e27e980578e59698d4f7f88c649e355eb26bbd549973f1ca7355828
Details	sha256	1	806742372cb0f4fc8a64b15b186e78cea1459f970b5620e2bcfdcd73db2d6fa6
Details	sha256	1	a94a8cbe146fb4f66ba907c1d40fdda916c8ecd0fa0d7114814a25565ac96aa2
Details	sha256	1	d6fce2bd96498333feb43404a34ce826ee915fa30785a18ec3c7b15b6ae924a9
Details	sha256	1	db25a7265029188d4d39cb5654c9ca558302fb0ddb3de081e53300122c8a3c2c
Details	sha256	1	e2da5b82da75be16640774128af067ac608515bd7a3c32082ae89c3967048c20
Details	sha256	1	e4c0c999af4abf99f6afa21c991357aff3c1eae1f424df3a2c307bb578fdbbf0
Details	sha256	1	ea6226fcb7adf1ad57f2e64c99d735e7cb54063b5bed970c5fd75a9e55f7bf1a
Details	IPv4	295	8.8.8.8
Details	IPv4	1	185.180.14.16
Details	IPv4	1	91.213.8.57
Details	Url	1	http://image.cheap2019.com
Details	Url	1	http://image.docu2018.com
Details	Url	1	http://image.gxb2018.com
Details	Url	1	http://image.japchn2018.com
Details	Url	1	http://image.pply2018.com
Details	Url	1	http://image.succe2018.com
Details	Url	1	http://image.yyxp2019.com
Details	Url	1	http://img.rmb777.me
Details	Url	1	http://1022k.blogspot.com/2018/02/1022s.html
Details	Url	1	http://7mlftakc3qt48.livejournal.com/721.html
Details	Url	1	http://bbx2018.blogspot.com/2018/02/1026i.html
Details	Url	1	http://bct2018.blogspot.com/2018/02/1027i.html
Details	Url	1	http://btv2018.blogspot.com/2018/02/blog-post.html
Details	Url	1	http://check2018.livejournal.com/517.html
Details	Url	1	http://earthjor.livejournal.com/721.html
Details	Url	1	http://gba2019.livejournal.com/767.html
Details	Url	1	http://hbrhzuds1199.livejournal.com/799.html
Details	Url	1	http://hrb2019.livejournal.com/620.html
Details	Url	1	http://iphone2019.livejournal.com/635.html
Details	Url	1	http://kawakaw.livejournal.com/594.html
Details	Url	1	http://livegoogle.livejournal.com/546.html
Details	Url	1	http://lovejoin2019.blogspot.com/2018/02/1031.html
Details	Url	1	http://myinsterschool.blogspot.com/2018/02/1032.html
Details	Url	1	http://myqnewworld.blogspot.com/2018/02/1030.html
Details	Url	1	http://nha2019.livejournal.com/749.html
Details	Url	1	http://talkto2018.livejournal.com/518.html
Details	Url	1	http://tpshadow66655.livejournal.com/545.html
Details	Url	1	http://xabx2019.livejournal.com/559.html
Details	Url	1	http://xmr1022.livejournal.com/763.html
Details	Url	1	http://xmr1022x.livejournal.com/656.html
Details	Url	1	http://xmr2019.blogspot.com/2018/01/1021s.html
Details	Url	1	http://xmr2019.blogspot.com/2018/01/my-sister.html
Details	Url	1	http://xmr2019.livejournal.com/1165.html
Details	Url	1	http://xmr2019.livejournal.com/748.html
Details	Windows Registry Key	1	HKLM\System\CurrentControlSet\Services\kemamiti\DataInfo