White Snake: Latest Campaign With Multi-Stage Malware Dropper – CyberArmor
Common Information
Type | Value
UUID | 3d2103f4-54e1-4a44-a340-de6049f857be
Fingerprint | 8c0529a8097f06d3
Analysis status | DONE
Considered CTI value | 0
Text language |
Published | July 1, 2024, midnight
Added to db | Sept. 22, 2024, 1:40 p.m.
Last updated | Nov. 18, 2024, 1:38 a.m.
Headline | White Snake: Latest Campaign With Multi-Stage Malware Dropper
Title | White Snake: Latest Campaign With Multi-Stage Malware Dropper – CyberArmor
Detected Hints/Tags/Attributes | 70/3/22
Attributes
Type | #Events | CTI | Value
Domain | 228 | | system.io
Domain | 1 | | identification.country
File | 1 | | invoice_21920047-2.bat
File | 1209 | | powershell.exe
File | 5 | | ui.raw
File | 2 | | payload1.exe
File | 4 | | payload2.exe
File | 55 | | payload.exe
File | 1 | | hahahaha.txt
File | 409 | | c:\windows\system32\cmd.exe
File | 1 | | mobaxterm.ini
File | 2 | | sessions.txt
IPv4 | 1 | | 1.6.1.9