Info-Stealer Malware Disguised as Illegal Pornography Being Distributed via Discord - ASEC BLOG
Tags
| attack-pattern: | Data Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 63937a6b-582c-4d80-9b36-2e56c6d72ac1 |
| Fingerprint | 89b65ea3adf72697 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 2, 2021, 8:50 a.m. |
| Added to db | Sept. 11, 2022, 4:59 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Info-Stealer Malware Disguised as Illegal Pornography Being Distributed via Discord |
| Title | Info-Stealer Malware Disguised as Illegal Pornography Being Distributed via Discord - ASEC BLOG |
| Detected Hints/Tags/Attributes | 17/1/10 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/en/24512/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 189 | asec.ahnlab.com |
|
| Details | File | 15 | run.exe |
|
| Details | File | 1 | run_2.zip |
|
| Details | File | 103 | regasm.exe |
|
| Details | File | 13 | data.dll |
|
| Details | File | 31 | generic.c4 |
|
| Details | md5 | 1 | 982c55aed3a44155f3c6830fb57b02fa |
|
| Details | md5 | 3 | 053778713819beab3df309df472787cd |
|
| Details | Url | 1 | https://asec.ahnlab.com/en/19343 |
|
| Details | Url | 1 | https://discordapp.com/api/webhooks/850992968948121641/voidbofeitmykhskgbrl_n-wztkqd5pep2mapawzz6g4gakxxmvyt4hzgsqxrubwq_-x |