Neutrino Delivers Fake Flash Malware Hosted on SkyDrive | Malwarebytes Labs
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | 4b80b119-94db-4651-9186-ed91af70f0b7 |
| Fingerprint | f56019cc0de36213 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 29, 2014, midnight |
| Added to db | Jan. 18, 2023, 8:35 p.m. |
| Last updated | Nov. 12, 2024, 2:06 a.m. |
| Headline | Neutrino Delivers Fake Flash Malware Hosted on SkyDrive |
| Title | Neutrino Delivers Fake Flash Malware Hosted on SkyDrive | Malwarebytes Labs |
| Detected Hints/Tags/Attributes | 31/2/11 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | trojan.agent.ai |
|
| Details | Domain | 1 | telahzae.kranted.com |
|
| Details | File | 12 | agent.ai |
|
| Details | File | 1 | kkynrjtkyr.js |
|
| Details | File | 1 | flashplayer2.exe |
|
| Details | Url | 1 | http://telahzae.kranted.com:8000/hyngtxtu?fyqkxhhmvx=6621548 |
|
| Details | Url | 1 | http://telahzae.kranted.com:8000/kkynrjtkyr.js |
|
| Details | Url | 1 | http://telahzae.kranted.com:8000/bxdlynvfooebbb |
|
| Details | Url | 1 | http://telahzae.kranted.com:8000/txsbjk |
|
| Details | Url | 1 | http://telahzae.kranted.com:8000/dyjumuf?iiqiqdlduj=nmnpvqjhi |
|
| Details | Url | 1 | http://telahzae.kranted.com:8000/zmezvehuhuwppm?inwpzqvsyla=nmnpvqjhi |