ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
Tags
cmtmf-attack-pattern: Masquerading
country: Brazil Laos
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Email Addresses - T1589.002 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Server - T1583.004 Server - T1584.004 Web Service - T1481 Vulnerabilities - T1588.006 Browser Extensions - T1176 Connection Proxy - T1090 Masquerading - T1036 Scripting - T1064 Windows Management Instrumentation - T1047 Web Service - T1102 Masquerading Scripting
Show in Graph
Common Information
Type Value
UUID 5ca80c71-5eb9-42d0-82af-13788a8620e1
Fingerprint b802ba81296d3729
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 23, 2023, midnight
Added to db Oct. 15, 2024, 3:38 p.m.
Last updated Nov. 17, 2024, 9:55 a.m.
Headline ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil
Title ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
Detected Hints/Tags/Attributes 69/4/18
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_ph/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_my/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_hk/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_ca/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_nl/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_sg/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_ie/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_au/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_se/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_no/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_ae/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_in/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_gb/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_dk/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Details Source https://www.trendmicro.com/en_fi/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details File 13 
chrome.tab
Details File 86 
manifest.json
Details File 1 
yyva.js
Details File 1 
scripting.exe
Details File 1 
scripting.reg
Details File 1 
yavvy.js
Details File 1 
sovvy.js
Details File 1 
33nhuah.js
Details File 1 
unpgp2.js
Details File 1 
s12ih0a.js
Details File 1 
33nhauh.js
Details Url 1 
https://storage.googleapis.com/98jk3m5azb/-.
Details Url 1 
https://rezumdolly.com:8443/api/alert
Details Domain 55 
live.com
Details File 1 
%programfiles%\google\chrome\application\chrome.exe
Details Domain 48 
storage.googleapis.com
Details Domain 1 
rezumdolly.com
Details Domain 1 
chrome.windows