tweets/2021-07-26-Trickbot-gtag-rob112.txt at master · pan-unit42/tweets
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Rundll32 - T1218.011 Rundll32 - T1085
Show in Graph
Common Information
Type Value
UUID 7db09e0c-28b2-40d5-baa9-14ebf17b642a
Fingerprint 4f1f394cfe1547d6
Analysis status DONE
Considered CTI value 2
Text language
Published July 26, 2021, midnight
Added to db Sept. 11, 2022, 12:44 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline UNKNOWN
Title tweets/2021-07-26-Trickbot-gtag-rob112.txt at master · pan-unit42/tweets
Detected Hints/Tags/Attributes 12/1/36
Source URLs
Redirection Url
Details Source https://github.com/pan-unit42/tweets/blob/master/2021-07-26-Trickbot-gtag-rob112.txt
URL Provider
Details Provider Source level domain
Details github.com github.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
o2.p8.mailjet.com
Details Domain 1 
mailjet.com
Details Domain 1 
netvalleykenya.com
Details Email 1 
01b809de.amwaakoqbuiaaaaaaaaaalkimncaar0rok4aaaaaaazc2qbg_vij@mailjet.com
Details File 1 
2021-07-26-trickbot-gtag-rob112.txt
Details File 1 
details_5908.zip
Details File 1 
details_5908.js
Details File 1 
wfhg.bin
Details File 1018 
rundll32.exe
Details File 1 
crm.php
Details sha256 1 
8f421ddf0df678fe1c22460e0fa3a10c7c48112197917e3843c5674ffe429503
Details sha256 1 
7559493fd22c60217b62790fa4576988396967b597cade92f288ef39335bee3b
Details sha256 1 
6e057855e21f4c93a4e3825b9711ca07ccec94fed55dbc20e1d3316b2b3dc549
Details IPv4 1 
87.253.233.2
Details IPv4 1 
192.185.150.20
Details IPv4 1 
213.244.146.19
Details IPv4 1 
38.110.103.18
Details IPv4 1 
38.110.103.19
Details IPv4 1 
38.110.100.33
Details IPv4 1 
38.110.103.124
Details IPv4 1 
38.110.103.136
Details IPv4 1 
80.15.2.105
Details IPv4 3 
94.140.114.239
Details IPv4 1 
190.144.10.242
Details IPv4 1 
194.135.33.220
Details Url 1 
https://docs.zohopublic.eu/downloaddocument.do?docid=674ni225458b03d204b4ab290dc0afd57ec8c&docextn=pdf
Details Url 1 
http://netvalleykenya.com/crm.php
Details Url 1 
https://38.110.103.18/rob112
Details Url 1 
https://38.110.103.19/rob112
Details Url 1 
https://38.110.100.33/rob112
Details Url 1 
https://38.110.103.124/rob112
Details Url 1 
https://38.110.103.136/rob112
Details Url 1 
https://80.15.2.105/rob112
Details Url 1 
http://94.140.114.239:443/rob112
Details Url 1 
https://190.144.10.242/rob112
Details Url 1 
http://194.135.33.220:443/rob112