InfoSec Handlers Diary Blog - SANS Internet Storm Center
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Ssh - T1021.004 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID 5b0b4005-d7b1-44fb-b67f-f1e698dd64a8
Fingerprint 2f50bb5da07a00cb
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 12, 2022, midnight
Added to db Sept. 12, 2022, 4:59 p.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline Internet Storm Center
Title InfoSec Handlers Diary Blog - SANS Internet Storm Center
Detected Hints/Tags/Attributes 46/2/22
Source URLs
Redirection Url
Details Source https://isc.sans.edu/diary/rss/29040
URL Provider
Details Provider Source level domain
Details sans.edu isc.sans.edu
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 4 
trojan.shell
Details Domain 1 
downloader.shell
Details Domain 1 
mirai.bo
Details Domain 1 
downldr.ae
Details Domain 1 
mirai.aw
Details Domain 268 
www.virustotal.com
Details Domain 425 
isc.sans.edu
Details Domain 4127 
github.com
Details Domain 622 
en.wikipedia.org
Details Domain 1 
exceljet.net
Details Domain 20 
www.comparitech.com
Details Domain 67 
www.dropbox.com
Details File 3 
honeypot.html
Details File 1 
submit_vtfiles.py
Details Github username 4 
jslagrew
Details Url 43 
https://www.virustotal.com
Details Url 3 
https://isc.sans.edu/honeypot.html
Details Url 1 
https://github.com/jslagrew/cowrieprocessor/blob/main/submit_vtfiles.py
Details Url 4 
https://en.wikipedia.org/wiki/mirai_
Details Url 1 
https://exceljet.net/formula/xlookup-latest-by-date
Details Url 1 
https://www.comparitech.com/antivirus/avast-vs-avg
Details Url 1 
https://www.dropbox.com/sh/jswjv5mlvku0ep7/aadm5vyor8jwil7_bgqxjz7ra?dl=0