malware-ioc/sparklinggoblin at master · eset/malware-ioc
Tags
cmtmf-attack-pattern:
  Acquire Infrastructure
  Application Layer Protocol
  Develop Capabilities
  Process Injection
  Scheduled Task/Job
attack-pattern (IDs as tagged by the aggregator; note that the list mixes Enterprise ATT&CK IDs with Mobile ATT&CK IDs such as T1437, T1481, T1521, T1603, T1625 and T1631, and with deprecated Enterprise IDs T1038, T1093 and T1118 that were merged into T1574.001, T1055.012 and T1218.004; the Enterprise IDs are the ones relevant to this Windows backdoor):
  Acquire Infrastructure
  Acquire Infrastructure - T1583
  Application Layer Protocol - T1437
  Dead Drop Resolver - T1102.001
  Dead Drop Resolver - T1481.001
  Develop Capabilities - T1587
  Digital Certificates - T1596.003
  Digital Certificates - T1587.003
  Digital Certificates - T1588.004
  DLL Search Order Hijacking - T1574.001
  Domains - T1583.001
  Domains - T1584.001
  Encrypted Channel - T1521
  Encrypted Channel - T1573
  Hijack Execution Flow - T1625
  Hijack Execution Flow - T1574
  InstallUtil - T1218.004
  IP Addresses - T1590.005
  System Network Configuration Discovery - T1422
  Malware - T1587.001
  Malware - T1588.001
  System Information Discovery - T1426
  Process Hollowing - T1055.012
  Process Injection - T1631
  Scheduled Task - T1053.005
  Scheduled Task/Job - T1603
  Server - T1583.004
  Server - T1584.004
  Symmetric Cryptography - T1521.001
  Symmetric Cryptography - T1573.001
  Web Protocols - T1071.001
  Token Impersonation/Theft - T1134.001
  Web Protocols - T1437.001
  Web Service - T1481
  Web Services - T1583.006
  Web Services - T1584.006
  Access Token Manipulation - T1134
  Standard Application Layer Protocol - T1071
  Connection Proxy - T1090
  Deobfuscate/Decode Files or Information - T1140
  DLL Search Order Hijacking - T1038
  Fallback Channels - T1008
  InstallUtil - T1118
  Process Hollowing - T1093
  Process Injection - T1055
  Query Registry - T1012
  Scheduled Task - T1053
  Signed Binary Proxy Execution - T1218
  System Information Discovery - T1082
  System Network Configuration Discovery - T1016
  Web Service - T1102
Common Information
UUID: 4566a10f-a097-409d-82ea-d1e7cef02b5e
Fingerprint: 1b08a3706ec8a5d2
Analysis status: DONE
Considered CTI value: 2
Text language:
Published: Nov. 4, 2020, midnight
Added to db: Sept. 11, 2022, 12:32 p.m.
Last updated: Nov. 17, 2024, 6:56 p.m.
Headline: The SideWalk may be as dangerous as the CROSSWALK — Indicators of Compromise
Title: malware-ioc/sparklinggoblin at master · eset/malware-ioc
Detected Hints/Tags/Attributes: 62/2/35
Attributes (type, number of events, value; the CTI Value column is empty for every row on the page)

Domain (1 event):
  update.facebookint.workers.dev
Domain (2 events):
  cdn.cloudfiare.workers.dev
  (note the spelling: "cloudfiare" is a typosquat of "cloudflare" and the misspelled name is the indicator; do not "correct" it when loading this list)
File (1 event):
  c:\windows\system32\tasks\microsoft\windows\windowsupdate\webservice
  c:\windows\system32\tasks\microsoft\windows\ras\rastaskstart
  iislog.tmp
  (the first two are task files under the Scheduled Tasks directory, i.e. tasks named WebService under \Microsoft\Windows\WindowsUpdate\ and RasTaskStart under \Microsoft\Windows\Ras\)
File (1 event):
  webservice.tar
md5 (1 event):
  8E812FCAD3B3855DFD78980CEE0BEB71
sha1 (1 event each):
  1077a3dc0d9ccfbb73bd9f2e6b72bc67addcf2ab
  153b8e46458bd65a68a89d258997e314fef72181
  ea44e9fbdbe5906a7fc469a988d83587e8e4b20d
  aa5b5f24bdfb049ef51bbb6246cb56cec89752bf
  829aadbde42df14ce8ed06ac02ad697a6c9798fe
  9762bc1c4cb04fe8eaeef50a4378a8d188d85360
  d54aeb62d0102d0cc4b96ca9e5eaade3846ec470
IPv4 (1 event):
  104.21.49.220
IPv4 (2 events):
  80.85.155.80
IPv4 (1 event):
  193.38.54.110
MITRE ATT&CK Techniques (number of events across the database; technique names taken from the tag list above):
  T1583.001 Domains (82 events)
  T1583.004 Server (32 events)
  T1583.006 Web Services (21 events)
  T1587.001 Malware (96 events)
  T1587.003 Digital Certificates (26 events)
  T1053.005 Scheduled Task (275 events)
  T1574.001 DLL Search Order Hijacking (70 events)
  T1134.001 Token Impersonation/Theft (44 events)
  T1140 Deobfuscate/Decode Files or Information (504 events)
  T1055.012 Process Hollowing (86 events)
  T1218.004 InstallUtil (7 events)
  T1012 Query Registry (501 events)
  T1082 System Information Discovery (1006 events)
  T1016 System Network Configuration Discovery (245 events)
  T1071.001 Web Protocols (442 events)
  T1573.001 Symmetric Cryptography (130 events)
  T1008 Fallback Channels (41 events)
  T1090 Connection Proxy (152 events)
  T1102 Web Service (149 events)
  T1102.001 Dead Drop Resolver (18 events)
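As an added example (this is not code from ESET's malware-ioc repository or from the aggregator), the Python matcher below loads the indicators listed above and runs them over a constructed DNS log and a constructed file inventory. It shows the normalisation needed before these values are usable: the MD5 is listed in uppercase while the SHA-1s and paths are lowercase, the two domains live on the shared workers.dev platform so only exact FQDN matches are safe, and the "cloudfiare" typosquat has to be kept as spelled. The log line format, the expansion of %SystemRoot% to C:\Windows, and every sample record are assumptions of the example, not telemetry from the page.

```python
"""Offline IOC matcher for the SideWalk indicators listed on this page.

Added example, not ESET's code. Indicator values are copied from the
listing above; the log lines and file inventory are constructed samples.
"""
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# --- indicators copied from the listing above --------------------------------
IOC_DOMAINS = {
    "update.facebookint.workers.dev",
    "cdn.cloudfiare.workers.dev",  # typosquat of "cloudflare": keep the misspelling
}
IOC_IPS = {"104.21.49.220", "80.85.155.80", "193.38.54.110"}
IOC_HASHES = {  # one MD5 (listed uppercase on the page) and seven SHA-1s
    "8E812FCAD3B3855DFD78980CEE0BEB71",
    "1077a3dc0d9ccfbb73bd9f2e6b72bc67addcf2ab",
    "153b8e46458bd65a68a89d258997e314fef72181",
    "ea44e9fbdbe5906a7fc469a988d83587e8e4b20d",
    "aa5b5f24bdfb049ef51bbb6246cb56cec89752bf",
    "829aadbde42df14ce8ed06ac02ad697a6c9798fe",
    "9762bc1c4cb04fe8eaeef50a4378a8d188d85360",
    "d54aeb62d0102d0cc4b96ca9e5eaade3846ec470",
}
IOC_PATHS = {
    r"c:\windows\system32\tasks\microsoft\windows\windowsupdate\webservice",
    r"c:\windows\system32\tasks\microsoft\windows\ras\rastaskstart",
}
IOC_FILENAMES = {"iislog.tmp", "webservice.tar"}


@dataclass(frozen=True)
class Hit:
    kind: str    # "domain", "ip", "hash", "path" or "filename"
    value: str   # the normalised indicator that matched
    source: str  # the record that produced the match


def norm_hash(h: str) -> str:
    return h.strip().lower()


def norm_path(p: str) -> str:
    # Windows paths are case-insensitive and may arrive with forward slashes
    # or a %SystemRoot% prefix. Assumption: system root is C:\Windows.
    p = p.strip().replace("/", "\\").lower()
    return p.replace("%systemroot%", r"c:\windows")


_HASHES = {norm_hash(h) for h in IOC_HASHES}
_PATHS = {norm_path(p) for p in IOC_PATHS}


def match_domain(name: str, source: str = "") -> Optional[Hit]:
    # Exact FQDN only: a suffix match on "workers.dev" would flag every
    # Cloudflare Workers deployment, which is shared infrastructure.
    name = name.strip().rstrip(".").lower()
    return Hit("domain", name, source) if name in IOC_DOMAINS else None


def match_ip(ip: str, source: str = "") -> Optional[Hit]:
    ip = ip.strip()
    return Hit("ip", ip, source) if ip in IOC_IPS else None


def match_hash(h: str, source: str = "") -> Optional[Hit]:
    h = norm_hash(h)
    return Hit("hash", h, source) if h in _HASHES else None


def match_path(path: str, source: str = "") -> Optional[Hit]:
    p = norm_path(path)
    if p in _PATHS:
        return Hit("path", p, source)
    base = p.rsplit("\\", 1)[-1]
    return Hit("filename", base, source) if base in IOC_FILENAMES else None


def scan_dns_log(lines: Iterable[str]) -> List[Hit]:
    """Constructed format: '<timestamp> <client-ip> <qname> <answer>'."""
    hits: List[Hit] = []
    for line in lines:
        parts = line.split()
        if len(parts) < 4:
            continue
        _ts, _client, qname, answer = parts[:4]
        hits += [h for h in (match_domain(qname, line), match_ip(answer, line)) if h]
    return hits


def scan_file_inventory(records: Iterable[Tuple[str, str]]) -> List[Hit]:
    """Records are (path, md5-or-sha1) pairs, e.g. from an EDR file inventory."""
    hits: List[Hit] = []
    for path, digest in records:
        hits += [h for h in (match_path(path, path), match_hash(digest, path)) if h]
    return hits


# --- constructed sample data (not real telemetry) ----------------------------
SAMPLE_DNS = [
    "2020-11-04T10:00:01Z 10.0.0.5 update.facebookint.workers.dev. 104.21.49.220",
    "2020-11-04T10:00:02Z 10.0.0.5 example-app.workers.dev 104.21.1.1",  # benign
    "2020-11-04T10:00:03Z 10.0.0.7 CDN.CLOUDFIARE.WORKERS.DEV 172.67.1.2",
]
SAMPLE_FILES = [
    (r"C:/Windows/System32/Tasks/Microsoft/Windows/WindowsUpdate/WebService",
     "1077A3DC0D9CCFBB73BD9F2E6B72BC67ADDCF2AB"),
    (r"%SystemRoot%\Temp\iislog.tmp", "da39a3ee5e6b4b0d3255bfef95601890afd80709"),
    (r"C:\Users\alice\Documents\notes.txt", "deadbeef"),  # benign
]


def run_demo() -> Tuple[List[Hit], List[Hit]]:
    return scan_dns_log(SAMPLE_DNS), scan_file_inventory(SAMPLE_FILES)


if __name__ == "__main__":
    for hit in [h for group in run_demo() for h in group]:
        print(f"{hit.kind:8} {hit.value:70} <- {hit.source}")
```

On the sample data the matcher reports the dead-drop domain and its resolved IP on the first DNS line, the uppercased typosquat on the third, the WebService task file both by path and by SHA-1, and the iislog.tmp drop by file name only; the benign workers.dev lookup is not flagged because matching is on the full name.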