ioc[.]one - OSINT Cyber Threat Intelligence Database

DuckTail: Dissecting a complex infection chain started from social engineering - Yoroi

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Model Models Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Scheduled Task - T1053.005 Social Media - T1593.001 Social Media Accounts - T1585.001 Social Media Accounts - T1586.001 Software - T1592.002 Tool - T1588.002 Powershell - T1086 Scheduled Task - T1053

Show in Graph

Common Information

Type	Value
UUID	7b618fcf-3f5f-4e85-9727-34adc17a40c1
Fingerprint	b4200b98a9b70619
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 29, 2023, 10:36 a.m.
Added to db	June 5, 2023, 2:06 p.m.
Last updated	Nov. 17, 2024, 9:42 p.m.
Headline	DuckTail: Dissecting a complex infection chain started from social engineering
Title	DuckTail: Dissecting a complex infection chain started from social engineering - Yoroi
Detected Hints/Tags/Attributes	88/2/86

Source URLs

	Redirection	Url
Details	Source	https://yoroi.company/research/ducktail-dissecting-a-complex-infection-chain-started-from-social-engineering/

URL Provider

Details	Provider	Source level domain
Details	yoroi.company	yoroi.company

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	409	✔	Yoroi	https://yoroi.company/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	2	download5s.com
Details	Domain	2	x-photos.net
Details	Domain	1	beautygirls-photos.com
Details	Domain	1	beautygirls-picture.com
Details	Domain	2	photo-cam.com
Details	Domain	2	x-album.com
Details	Domain	1	x-albums.com
Details	Domain	2	x-pictures.net
Details	Domain	43	sites.google.com
Details	Domain	1	s1-download-photos.com
Details	Domain	2	jmooreassoc.com
Details	Domain	1	meetstaci.com
Details	Domain	2	kimhasa.com
Details	Domain	1	notodaiya.com
Details	Domain	2	karbilyazilim.com
Details	Domain	2	shble.com
Details	Domain	1	velascasadelaluz.com
Details	Domain	2	romeflirt.com
Details	Domain	1	ikejd.com
Details	Domain	48	storage.googleapis.com
Details	Domain	1	albumno6128183.zip
Details	Domain	1	riospress.com
Details	Domain	1	ro2sport.com
Details	Domain	2	rapadtrai.com
Details	Domain	2	graeslavur.com
Details	Domain	2	caseiden.com
Details	Domain	1	te5.techgeetam.com
Details	Domain	1	sensetria.com
Details	File	1	album_beautiful_girl_in_the_hotels.rar
Details	File	1	albumno6128183.zip
Details	File	1	rnews.exe
Details	File	93	curl.exe
Details	File	96	rar.exe
Details	File	3	info.json
Details	File	153	config.json
Details	File	3	wdsyncservice.exe
Details	File	5	m.txt
Details	File	1	aysvdawhdaadaoc.exe
Details	File	1205	index.php
Details	File	21	include.php
Details	File	13	php.exe
Details	File	1	rss.txt
Details	sha256	1	fcec8d28e17f7af13d0961eb8b8d25eaf0e76e50fdc8cd4e2e79de7d6b67d25d
Details	sha256	1	c17524501439d58ffb701907d83e3e20558a445363fa0733bb328e0d69c91441
Details	sha256	1	e1517e6bd6169c543083e36c45894a98b8ae592bf9dc265978f198af70a853b1
Details	sha256	1	0fad31fc16beeb24ca924a94614f3905f5c463a972ae395eec58614d014e73ad
Details	sha256	1	8c60a4691f610e325597af83ee2c99945e7eb1cb189fff03cf2264e461fead53
Details	sha256	1	16ad22f8ab4f99a03bc2b68bf3314397f30f67a01bb5a283020e85979b811d93
Details	sha256	1	5bac0b4ee00c1cb9a5b2969a18077ab74257790bd2610224253d3faf58714f43
Details	sha256	1	8fd4910dd8b05c9ea617f9b86f31aac5663db12495e9295ccaf19e3d58b8b3b4
Details	sha256	1	2320b045e831ee38c9abd1b872deb25c7d26d3437ba21491c06b8fc1a18143ac
Details	sha256	1	365ed9b3ab7d369a319a2ebe1da9953ab6ad4f9878f82aba3d30a47e9e0c60fb
Details	sha256	1	3e242475d95322df510e2437f5a1f319d8ee442dbc649fa1a443fd478b3e7876
Details	sha256	1	418d02b2f8013746f9f06e328ad4040063db887d85de141da39a7e7513f0459a
Details	sha256	1	446f5be2028492615b5b51d9de05e67e464a9ca26b0b47972dd43179cc8cb6e0
Details	sha256	1	50d55c4c79eaddf5368bdb9b60a68f35ed42f17ccb43812c95903306cdc126a9
Details	sha256	1	5a75df284314b0edcf9534c5f8a2d95013f73803fdbc56afb970af53cd9e0479
Details	sha256	1	65d4046b5a85327da285c05d72869c41aac8952e0fb8a44babe897528a674e58
Details	sha256	1	6d29ac0626b6908d938fe0d6a8d84b830c524d4b3f24255775d05a66f57c22ec
Details	sha256	1	718e88759a7e2ae40309b5c38de18a667305acafee07dfcdaee180c46bdc514c
Details	sha256	1	74955b4db49ea399fac96d09211152ead722016218dfaca4561a50990af1caa6
Details	sha256	1	74b25e1e2d33b666df5eb0fb26eb808f93faf78942f5f253d0e415753d048b89
Details	sha256	1	78380b620294ab60b558d0de3e38d479fa965eca1d1e38a9f97fbef62bfd8bd9
Details	sha256	1	898650ac940c4a6711fe81bef0c118f141305188a36431560fa7a6a3f299fdf0
Details	sha256	1	8ee067b7c23111cda02d5c5a4f6f10216d553dad90afaaa3b056869d74e8dd0b
Details	sha256	1	91318b6b2a8efeb759cb49f7cab6cc5b1bca7df41a9ccc378900d30c0ad25e4a
Details	sha256	1	91cd20e848f67432ce4e69449e8679f6a405f9087adae41510eb607e620d6177
Details	sha256	1	a98f225699d8ff6875e08fb2f12236f6fc1f463d61aa1ace1cadb8deded60d0d
Details	sha256	1	b59ee8c9242fd16971cf15ce4d8308944b1990b0c0cfaf96da1f83a6f6d6bf25
Details	sha256	1	bb73253555f518c3646356da5b8a3747a541a8a48b72827e4dcf892cde94e094
Details	sha256	1	c00e1239a781276f9be2f8920cc0a13367548b7638b7d483462c7c7b6daf6878
Details	sha256	1	c636823a07b8498ea0496ff17c501ee69cf14ae18cb881ccc5721fc9b218cac4
Details	sha256	1	ddceae97a3e0cbf28731203aa2d2067deab155b2601432e122bbfca712713285
Details	sha256	1	f390c68389331be62695464e049df845b750bd03d82e4b6809bdc15a9439df44
Details	sha256	1	f45711466e9182d606da6711318a6e6c14688a09636945b41a26d31d8056cb5f
Details	sha256	1	f95d284a862662195c351db2cdb36d371a105585d783e7289d73cb07a442c4ba
Details	sha256	1	f9691281cd8d6c2d5ebee974afb54024b67ae71c8a720e3fc37d5a7ec4b8f669
Details	sha256	1	0f765b4fbeda401e5b4ff34cd470c0fe8d77eafad73b68852e59e3e6abb182cf
Details	sha256	1	cb807472bb6d4d1113fcbc209d6a08fa80ff9e53c83b1aa37f9d6f549affd68c
Details	sha256	1	4abdb3f59e3433b2d410106c75d4711574e0b61b0ef92653b9971154d9841a4f
Details	sha256	1	52bd6d7d8c9fe087ba64adafbfa623e49b69425829b8c9c8a8eadb2e06669892
Details	Url	1	https://sites.google.com/view/lonely-in-car
Details	Url	1	https://download2388.mediafire.com/eif5tfodd4ng/hrcyyor418tp8hw/album_beautiful_girl_in_the_hotels.rar
Details	Url	1	https://storage.googleapis.com/migc/albumno6128183.zip
Details	Url	1	https://riospress.com/rss/news
Details	Url	1	https://ro2sport.com/rss/news