RULEAKS: Russian Media and Disinformation in Ukraine by the DNR-ONLINE
Tags
| country: | Georgia Russia Ukraine |
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Social Media - T1593.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 65df98a9-cbe1-4aec-bae8-3b633c6130a4 |
| Fingerprint | a6cc191705b38780 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 28, 2017, 1 p.m. |
| Added to db | Jan. 18, 2023, 9:54 p.m. |
| Last updated | Sept. 4, 2024, 4:25 a.m. |
| Headline | Krypt3ia |
| Title | RULEAKS: Russian Media and Disinformation in Ukraine by the DNR-ONLINE |
| Detected Hints/Tags/Attributes | 69/2/52 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | dir-online.ru |
|
| Details | Domain | 1 | beget.ru |
|
| Details | Domain | 1 | zipnh4dzdtmuk.zip |
|
| Details | Domain | 2 | wallejob.in.ua |
|
| Details | Domain | 4 | www.threatcrowd.org |
|
| Details | Domain | 1 | ukraine.com.ua |
|
| Details | Domain | 1 | ns114.inhostedns.com |
|
| Details | Domain | 1 | ns214.inhostedns.net |
|
| Details | Domain | 1 | ns314.inhostedns.org |
|
| Details | Domain | 1 | wood-house.com.ua |
|
| Details | Domain | 1 | zarabatak.ru |
|
| Details | Domain | 1 | psh.co.ua |
|
| Details | Domain | 1 | sem-dev.co.ua |
|
| Details | Domain | 1 | ns311.inhostedns.org |
|
| Details | Domain | 1 | ns211.inhostedns.net |
|
| Details | Domain | 1 | ns111.inhostedns.com |
|
| Details | Domain | 1 | names.com.ua |
|
| Details | 1 | hostmaster@ukraine.com.ua |
||
| Details | File | 1 | года.exe |
|
| Details | File | 1 | 2015.exe |
|
| Details | File | 1 | zipnh4dzdtmuk.zip |
|
| Details | File | 3 | archive.rar |
|
| Details | File | 2 | helpldr.dll |
|
| Details | File | 14 | samlib.dll |
|
| Details | File | 2 | rbcon.ini |
|
| Details | File | 2 | wd.php |
|
| Details | File | 13 | ip.php |
|
| Details | File | 2 | malware.php |
|
| Details | File | 5 | domain.php |
|
| Details | md5 | 1 | 7accb6fed266a2023659f438ad1b3546 |
|
| Details | sha256 | 1 | f9a96ad58fb946981d196d653ec28fa31d6f946a7e2f6784b317dd9adc557b62 |
|
| Details | sha256 | 1 | 4eaf154ce8974228db6e35a1364337a12b821b73f052a44dc24ebdf0c1da6a4e |
|
| Details | sha256 | 1 | 319e9dc36678c4d774ba0765ec93d3160bd476ab0f98bac1b7e5b92e7994a88a |
|
| Details | IPv4 | 1 | 5.101.152.66 |
|
| Details | IPv4 | 2 | 185.68.16.35 |
|
| Details | Url | 1 | https://www.hybrid-analysis.com/sample/4eaf154ce8974228db6e35a1364337a12b821b73f052a44dc24ebdf0c1da6a4e?environmentid=100 |
|
| Details | Url | 1 | https://virustotal.com/en/file/4eaf154ce8974228db6e35a1364337a12b821b73f052a44dc24ebdf0c1da6a4e/analysis/1484661011 |
|
| Details | Url | 1 | http://wallejob.in.ua/wd.php?sn=2120161230091201&rb=7&ob=r_pol_x&bt=0 |
|
| Details | Url | 1 | https://www.threatcrowd.org/ip.php?ip=185.68.16.35 |
|
| Details | Url | 1 | https://www.threatcrowd.org/malware.php?md5=7accb6fed266a2023659f438ad1b3546 |
|
| Details | Url | 1 | http://wood-house.com.ua |
|
| Details | Url | 1 | https://www.threatcrowd.org/domain.php?domain=wood-house.com.ua |
|
| Details | Url | 1 | http://wallejob.in.ua |
|
| Details | Url | 1 | https://www.threatcrowd.org/domain.php?domain=wallejob.in.ua |
|
| Details | Url | 1 | https://www.hybrid-analysis.com/sample/319e9dc36678c4d774ba0765ec93d3160bd476ab0f98bac1b7e5b92e7994a88a/?environmentid=1 |
|
| Details | Url | 1 | http://zarabatak.ru |
|
| Details | Url | 1 | https://www.threatcrowd.org/domain.php?domain=zarabatak.ru |
|
| Details | Url | 1 | http://psh.co.ua |
|
| Details | Url | 1 | https://www.threatcrowd.org/domain.php?domain=psh.co.ua |
|
| Details | Url | 1 | http://sem-dev.co.ua |
|
| Details | Url | 1 | https://www.threatcrowd.org/domain.php?domain=sem-dev.co.ua |
|
| Details | Url | 1 | http://names.com.ua |