Malware spam: "November Invoice #60132748" leads to Teslacrypt
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 59f9ba0d-d187-4914-b393-2eae981de7ef |
| Fingerprint | 604385d70334ed4e |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 2, 2015, 2:47 p.m. |
| Added to db | Jan. 18, 2023, 8:26 p.m. |
| Last updated | Sept. 4, 2024, 8:48 p.m. |
| Headline | Dynamoo's Blog |
| Title | Malware spam: "November Invoice #60132748" leads to Teslacrypt |
| Detected Hints/Tags/Attributes | 16/1/18 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | bestsurfinglessons.com |
|
| Details | Domain | 1 | ccfinance.it |
|
| Details | Domain | 1 | ecaequeeessa.com |
|
| Details | Domain | 1 | schonemaas.nl |
|
| Details | Domain | 1 | cic-la-banque.org |
|
| Details | Domain | 2 | tsbfdsv.extr6mchf.com |
|
| Details | Domain | 1 | alcov44uvcwkrend.onion.to |
|
| Details | Domain | 1 | rbtc23drs.7hdg13udd.com |
|
| Details | Domain | 1 | extr6mchf.com |
|
| Details | Domain | 1 | 7hdg13udd.com |
|
| Details | File | 1 | invoice_60132748.zip |
|
| Details | File | 1 | invoice_main_bd3847636213.js |
|
| Details | File | 1 | 76.exe |
|
| Details | md5 | 1 | 72c15108b68a0f07fdc4d17bd58aa368 |
|
| Details | md5 | 1 | 0352acd36fedd29e12aceb0068c66b49 |
|
| Details | md5 | 1 | f16692fc9170ff68321a5d060b93e2e7 |
|
| Details | IPv4 | 1 | 74.117.183.84 |
|
| Details | IPv4 | 1 | 5.39.222.193 |