ioc[.]one - OSINT Cyber Threat Intelligence Database

You Can Run, But You Can’t Hide: Advanced Emotet Updates

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Powershell - T1086 Rundll32 - T1085 Windows Management Instrumentation - T1047

Show in Graph

Common Information

Type	Value
UUID	7ca23327-2d2a-457d-8228-7cec8ae35a66
Fingerprint	a0582b4129fe83e5
Analysis status	DONE
Considered CTI value	0
Text language
Published	Jan. 14, 2021, 5:05 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	You Can Run, But You Can’t Hide: Advanced Emotet Updates
Title	You Can Run, But You Can’t Hide: Advanced Emotet Updates
Detected Hints/Tags/Attributes	47/2/39

Source URLs

	Redirection	Url
Details	Source	https://www.netskope.com/blog/you-can-run-but-you-cant-hide-advanced-emotet-updates

URL Provider

Details	Provider	Source level domain
Details	netskope.com	www.netskope.com

Attributes

Details	Type	#Events	Value
Details	Domain	74	adodb.stream
Details	Domain	150	www.w3.org
Details	Domain	1	gpu.utepils.es
Details	Domain	1	hub.2mind.com.br
Details	Domain	1	swarajcollegeofeducation.com
Details	Domain	1	buy.manairge.com
Details	Domain	1	sniezka-6.test.etriton.pl
Details	Domain	1	www.alfenory.net
Details	Domain	1	babor-kosmetik-steglitz.de
Details	Domain	1	dna.1key.win
Details	File	1018	rundll32.exe
Details	File	41	msxml2.xml
Details	File	240	wmic.exe
Details	File	323	winword.exe
Details	File	142	wmiprvse.exe
Details	File	1	c:\users\pathto\f464.xsl
Details	File	291	user32.dll
Details	File	1	m3zt1.dll
Details	File	1	j3vg1.dll
Details	md5	1	b9c0ade410b564f79bd95febaac9f3f4
Details	md5	1	58b416ddb58188c5d726e25b62bd4162
Details	IPv4	1	23.55.163.71
Details	IPv4	1	91.121.76.43
Details	IPv4	1	103.235.106.140
Details	IPv4	1	178.254.36.172
Details	IPv4	1	23.55.163.68
Details	IPv4	1	167.172.218.142
Details	IPv4	1	185.41.131.131
Details	IPv4	1	47.244.28.71
Details	IPv4	1	2.16.107.80
Details	IPv4	1	2.16.107.114
Details	IPv4	1	222.232.172.143
Details	Url	11	http://www.w3.org/1999/xsl/transform
Details	Url	1	https://gpu.utepils.es/v2/lib/errorhandler/public/ewbjwe6emn.php
Details	Url	1	http://sniezka-6.test.etriton.pl/wp-includes/js/jquery/ui/cs3xtxhrij.php
Details	Url	1	http://www.alfenory.net/alfenory_erp.de/frontaccounting/purchasing/allocations/rebrgxirn5ewu5.php
Details	Url	1	http://www.alfenory.net/alfenory_erp.de/frontaccounting/purchasing/allocations/tlwenyfjyfd.php
Details	Url	1	http://swarajcollegeofeducation.com/a4content/a4progallery/nt5asqtuwl.php
Details	Url	1	http://dna.1key.win/mysql/locale/pt_br/lc_messages/iebuxi2pxfapvpe.php