ioc[.]one - OSINT Cyber Threat Intelligence Database

The Steg Chronicles: Stegware — The Dangerous Combination of Malware & Steganography

Tags

country:	Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Exploits - T1587.004 Exploits - T1588.005 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Remote Desktop Protocol - T1021.001 Search Engines - T1593.002 Server - T1583.004 Server - T1584.004 Software - T1592.002 Steganography - T1001.002 Steganography - T1406.001 Steganography - T1027.003 Tool - T1588.002 Powershell - T1086 Remote Desktop Protocol - T1076

Show in Graph

Common Information

Type	Value
UUID	44d58269-bf26-4d68-951b-ee62fdcf1b16
Fingerprint	87241d39adf10fc1
Analysis status	DONE
Considered CTI value	1
Text language
Published	July 23, 2023, 5:27 p.m.
Added to db	July 23, 2023, 7:32 p.m.
Last updated	Nov. 17, 2024, 5:54 p.m.
Headline	The Steg Chronicles: Stegware — The Dangerous Combination of Malware & Steganography
Title	The Steg Chronicles: Stegware — The Dangerous Combination of Malware & Steganography
Detected Hints/Tags/Attributes	88/3/14

Source URLs

	Redirection	Url
Details	Source	https://ian-barwise.medium.com/the-steg-chronicles-stegware-the-dangerous-combination-of-malware-steganography-f23dd0754f01?source=rss------cybersecurity-5
Details	Source	https://ian-barwise.medium.com/the-steg-chronicles-stegware-the-dangerous-combination-of-malware-steganography-f23dd0754f01?source=rss------malware-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	ian-barwise.medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08
Details	171	✔	Malware on Medium	https://medium.com/feed/tag/malware	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	2		www.rhooters.com
Details	Domain	403		securelist.com
Details	Domain	14		www.flashpoint-intel.com
Details	Domain	145		threatpost.com
Details	Domain	29		www.techrepublic.com
Details	File	3		bottom.jpg
Details	Mandiant Temporary Group Assumption	21		TEMP.REAPER
Details	Threat Actor Identifier - APT	144		APT38
Details	Url	2		http://www.rhooters.com/bbs/data/m_photo/bottom.jpg
Details	Url	2		https://securelist.com/scarcruft-continues-to-evolve-introduces-bluetooth-harvester/90729
Details	Url	1		https://www.flashpoint-intel.com/blog/malware-loaders-continue-to-evolve-proliferate
Details	Url	1		https://threatpost.com/use-of-stegware-increases-in-stealth-malware-attacks/131293
Details	Url	1		https://threatpost.com/malware-brushaloader-more-menacing/146631
Details	Url	1		https://www.techrepublic.com/article/new-malware-dropper-is-a-hornets-nest-of-dangerous-software