Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
Tags
country: Japan
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Software - T1592.002 Trap - T1546.005 Vulnerabilities - T1588.006 Connection Proxy - T1090 Trap - T1154
Show in Graph
Common Information
Type Value
UUID 61652c45-aafb-4736-be94-0944e0aa44ca
Fingerprint 14a1a83189afc381
Analysis status DONE
Considered CTI value 0
Text language
Published March 11, 2020, midnight
Added to db Oct. 15, 2024, 5:37 p.m.
Last updated Oct. 23, 2024, 3:29 p.m.
Headline Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
Title Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
Detected Hints/Tags/Attributes 62/3/11
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_ca/research/20/c/operation-overtrap-targets-japanese-online-banking-users-via-bot.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details CVE 59 
cve-2018-15982
Details CVE 106 
cve-2018-8174
Details Domain 4 
ftp.cadwork.ch
Details Domain 7 
archive.torproject.org
Details File 12 
unzip.exe
Details File 33 
tor.exe
Details File 62 
taskhost.exe
Details File 3 
%systemroot%\system32\mswsock.dll
Details IPv4 5 
0.3.5.8
Details Url 4 
ftp://ftp.cadwork.ch/dvd_v20/cadwork.dir/com/unzip.exe
Details Url 3 
https://archive.torproject.org/tor-package-archive/torbrowser/8.0.8/tor-win32-0.3.5.8.zip