Rewterz Threat Alert – Plugx Delivered by Covid-Themed Documents - Rewterz
Tags
| attack-pattern: | Javascript - T1059.007 |
Common Information
| Type | Value |
|---|---|
| UUID | 55be3903-25da-4221-8bb5-1cf1185a3188 |
| Fingerprint | a6ee1251668fc2bd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 19, 2020, 5:47 p.m. |
| Added to db | Dec. 19, 2024, 2:15 a.m. |
| Last updated | Dec. 25, 2024, 4:23 p.m. |
| Headline | Rewterz Threat Alert – Plugx Delivered by Covid-Themed Documents |
| Title | Rewterz Threat Alert – Plugx Delivered by Covid-Themed Documents - Rewterz |
| Detected Hints/Tags/Attributes | 22/1/13 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | motivation.neighboring.site |
|
| Details | Domain | 2 | controls.do |
|
| Details | Domain | 389 | wscript.shell |
|
| Details | File | 3 | 9soxn6ltf0afe7.js |
|
| Details | File | 168 | cscript.exe |
|
| Details | md5 | 2 | 83d04f21515c7e6316f9cd0bb393a118 |
|
| Details | md5 | 3 | 21a51a834372ab11fba72fb865d6830e |
|
| Details | md5 | 2 | fd648c3b7495abbe86b850587e2e5431 |
|
| Details | sha256 | 2 | a49133ed68bebb66412d3eb5d2b84ee71c393627906f574a29247d8699f1f38e |
|
| Details | sha256 | 3 | 95489af84596a21b6fcca078ed10746a32e974a84d0daed28cc56e77c38cc5a8 |
|
| Details | sha256 | 3 | 002c9e0578a8b76f626e59b755a8aac18b5d048f1cc76e2c12f68bc3dd18b124 |
|
| Details | Threat Actor Identifier - APT | 324 | APT27 |
|
| Details | Url | 4 | http://motivation.neighboring.site/01/index.php |