Stealthy OpenDocument Malware Deployed Against Latin American Hotels | HP Wolf Security
Tags
country: Spain Laos Portugal
maec-delivery-vectors: Watering Hole
attack-pattern: Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Powershell - T1059.001 Scheduled Task - T1053.005 Visual Basic - T1059.005 Tool - T1588.002 Mshta - T1170 Powershell - T1086 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 72e41980-e998-4732-b7d4-8e070c11a7b8
Fingerprint 2451a97b0da64723
Analysis status DONE
Considered CTI value 2
Text language
Published July 15, 2022, 7:01 a.m.
Added to db Oct. 24, 2023, 1:43 p.m.
Last updated Nov. 18, 2024, 12:28 p.m.
Headline Stealthy OpenDocument Malware Deployed Against Latin American Hotels
Title Stealthy OpenDocument Malware Deployed Against Latin American Hotels | HP Wolf Security
Detected Hints/Tags/Attributes 41/3/21
Source URLs
Redirection Url
Details Source https://threatresearch.ext.hp.com/stealthy-opendocument-malware-targets-latin-american-hotels/
Details Source https://threatresearch.ext.hp.com/stealthy-opendocument-malware-targets-latin-american-hotels/?web_view=true
URL Provider
Details Provider Source level domain
Details hp.com threatresearch.ext.hp.com
Attributes
Details Type #Events CTI Value
Details Domain 2 
webnar.info
Details Domain 2 
www.unimed-corporated.com
Details File 21 
styles.xml
Details File 457 
mshta.exe
Details File 1 
hplus.odt
Details File 1 
ltda.odt
Details sha256 1 
74d8bc5023f8d56e5b9fb46a5da5f1ce7e3e04826ca543274d7f6205866490b9
Details sha256 1 
b13ce271e58dff54bccf92dbccc17414af168efc2d47d44554a883ca0b2e8e08
Details sha256 1 
85007a9921ef08cae11e27944fcf0a1897c78dd9f26b6801f17b3b2f80d8f794
Details sha256 1 
598ee4b45b38e5d3485e0d6da9e4369c91c5e9981d869ab4745e4df1f9ac14b2
Details sha256 1 
2c783d33c0f86fd266efab7dc2f135e83de49472914fc4646f94f590104c0dfa
Details sha256 1 
b88fcd15369df470634ec02ee42392ac948520b4c55b7a7b2c5f979c94cd43d5
Details sha256 1 
6a9c9855bdef4e811610f78385c2deca1f898610de1827f55b92458d157a1788
Details sha256 1 
d46bad7b5f3bf546f70ea1e5caddd1974b06d1befa26f6bca54c98c1431e5276
Details sha256 1 
559eb36bf8ebcb34156972e3eb77bc2c103c9320ef09f31d945532deed73fb87
Details sha256 1 
46503673cf5a603f12cf01d7a6ef232a2bad791201e17d0b449e5e094c63bca3
Details sha256 1 
35e16501438467a0649210473d2527310575a302471778989568b1ef40766b46
Details sha256 1 
1d266e5c8036b48136d9585040c6f85cb61a8b8693997cc0e9ed88e55e1157ea
Details sha256 1 
c402e4b0fa8c7742d6ad086160a71d5d2b0e23d6531dd739076cc10922da5076
Details sha256 1 
db76cf9623b1f2b1750d75fa2502af7e4f1f6050000bbcedef6379e9d5cb9408
Details MITRE ATT&CK Techniques 59 
T1218.005