Case Study-Digital Forensic Analysis of Malware Infected Machine
Tags
country: China India
maec-delivery-vectors: Watering Hole
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Hardware - T1592.001 Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Social Media - T1593.001 Software - T1592.002 Tool - T1588.002 Whois - T1596.002 Connection Proxy - T1090 Hooking - T1179 Hooking
Show in Graph
Common Information
Type Value
UUID 47d8c772-e131-447a-b106-3c8d020c5878
Fingerprint 9d3699ad88a3c4c1
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 30, 2024, 12:05 p.m.
Added to db Oct. 30, 2024, 1:09 p.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline Case Study-Digital Forensic Analysis of Malware Infected Machine
Title Case Study-Digital Forensic Analysis of Malware Infected Machine
Detected Hints/Tags/Attributes 112/3/48
Source URLs
Redirection Url
Details Source https://rohit12.medium.com/case-study-digital-forensic-analysis-of-malware-infected-machine-c1305f2fa476?source=rss------malware-5
URL Provider
Details Provider Source level domain
Details medium.com rohit12.medium.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 171 Malware on Medium https://medium.com/feed/tag/malware 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 97 
virustotal.com
Details Domain 122 
www.kaspersky.com
Details Domain 9 
www.digitaldefense.com
Details Domain 1 
www.definitions.net
Details Domain 11 
www.unodc.org
Details Domain 1 
www.acethepmpexam.com
Details Domain 9 
whatis.com
Details Domain 7 
whatis.techtarget.com
Details Domain 1 
searchwindowsserver.techtarget.com
Details Domain 281 
docs.microsoft.com
Details Domain 3 
ssd.eff.org
Details Domain 1 
www.swcomms.co.uk
Details Domain 5 
www.sleuthkit.org
Details Domain 675 
www.linkedin.com
Details Domain 4127 
github.com
Details Domain 1373 
twitter.com
Details Domain 165 
www.instagram.com
Details File 1260 
explorer.exe
Details File 18 
jucheck.exe
Details File 1 
igfxpres.exe
Details File 29 
jusched.exe
Details File 1 
emvije.exe
Details File 1 
handling-of-digital-evidence.html
Details File 5 
www.ace
Details File 2 
techniques.html
Details File 3 
ro_hit.exe
Details Github username 3 
rohit273
Details IPv4 1 
24.177.33.91
Details IPv4 1 
111.112.113.52
Details IPv4 1 
111.112.113.50
Details Threat Actor Identifier - APT 522 
APT41
Details Url 1 
https://www.kaspersky.com/blog/the-big-four-banking-trojans/2956
Details Url 1 
https://www.digitaldefense.com/blog/zeus-trojan-what-it-is-how-to-prevent-it-digital-defense
Details Url 1 
https://www.definitions.net/definition/digital
Details Url 1 
https://www.unodc.org/e4j/en/cybercrime/module-6/key-issues/handling-of-digital-evidence.html
Details Url 1 
https://www.acethepmpexam.com/ppe/tools
Details Url 1 
https://whatis.techtarget.com/definition/memory-dump
Details Url 1 
https://searchwindowsserver.techtarget.com/definition/windows-event-log
Details Url 1 
https://docs.microsoft.com/en-us/dotnet/standard/security/ensuring-data-integrity-with-hash-codes
Details Url 1 
https://ssd.eff.org/en/module/what-fingerprinting
Details Url 1 
https://www.swcomms.co.uk/blog/article/the-motivations-of-a-hacker
Details Url 2 
https://www.sleuthkit.org/autopsy
Details Url 3 
https://www.linkedin.com/in/rohit-ray-19284b232
Details Url 3 
https://github.com/rohit273
Details Url 3 
https://twitter.com/rhittttt
Details Url 3 
https://www.instagram.com/ro_hit.exe
Details Windows Registry Key 1 
HKLM\System\Controlset002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall
Details Windows Registry Key 1 
HKLM\System\Controlset002\Services\SharedAccess\Start