“The Turkish Rat” Evolved Adwind in a Massive Ongoing Phishing Campaign - Check Point Research
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 7ff30579-75db-4b10-8c3d-0a6b96b0ecde |
| Fingerprint | b5051989856f0fc1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 17, 2020, 11 a.m. |
| Added to db | Jan. 18, 2023, 10:14 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | “The Turkish Rat” Evolved Adwind in a Massive Ongoing Phishing Campaign |
| Title | “The Turkish Rat” Evolved Adwind in a Massive Ongoing Phishing Campaign - Check Point Research |
| Detected Hints/Tags/Attributes | 51/3/48 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | pages.github.com |
|
| Details | Domain | 40 | checkip.amazonaws.com |
|
| Details | Domain | 123 | ipinfo.io |
|
| Details | Domain | 1 | 21736.xyz |
|
| Details | Domain | 1 | 15438.xyz |
|
| Details | Domain | 1 | 12724.xyz |
|
| Details | File | 1 | zpmqwjs.docx |
|
| Details | File | 1 | wucgy3jecwgpv.svg |
|
| Details | File | 1 | 6da7uj4b4oi2a.pdf |
|
| Details | File | 240 | wmic.exe |
|
| Details | File | 27 | attrib.exe |
|
| Details | sha1 | 1 | c71663808fcbab56682602c9e97de8c3a761f4ed |
|
| Details | sha1 | 1 | 5749253092cad3e8f7ddf50ce04beda666005c06 |
|
| Details | sha1 | 1 | aeb56403f3d3950a530663dca5ecb7530d7fec3d |
|
| Details | sha1 | 1 | b3281798cc961738f9c7e6b269492c0f9bb47f08 |
|
| Details | sha1 | 1 | b4a8dfe2eebaf436c021458e515baf39ed812740 |
|
| Details | sha1 | 1 | dd0e3c99d3a62e4b45008ffb2f9f046399dc9603 |
|
| Details | sha1 | 1 | 72bd643d71cd725ac59e6fc76a4617180e652ddf |
|
| Details | sha1 | 1 | 0914962f88e854527d9b4822fa6d2ff31abc88d4 |
|
| Details | sha1 | 1 | 099a4689f83e9136877f707f853bd906e47abb28 |
|
| Details | sha1 | 1 | 57045445bb365d711c411f3d61dcc71c416a29b1 |
|
| Details | sha1 | 1 | 81dd7442049535b1e1c5f2904a1e02a6a67ce3ad |
|
| Details | sha1 | 1 | 867226868146118784a1caad4509653524560008 |
|
| Details | sha1 | 1 | 1ad020f084ee146c4bff08e94c6c162c2cdc45b7 |
|
| Details | sha1 | 1 | 20043296337725ad3dc6e304642d1f932c781f48 |
|
| Details | sha1 | 1 | 43922917c4cbedc248808d592e3a2eec3671639b |
|
| Details | sha1 | 1 | 5d87e1fdba078f591bee4cde00daf59d83e38129 |
|
| Details | sha1 | 1 | 884bf4ae3b1ecaea6c058f19fce92fbe09214ecf |
|
| Details | sha1 | 1 | 8ca09bebe64bc1f8a2b5e50d4883f81d58a9f9fc |
|
| Details | sha1 | 1 | 9c2360e8b2256cc7e839e215b5b1892d997378c7 |
|
| Details | sha1 | 1 | 20413ca7b6b034be9e492a949b92dad96171b96a |
|
| Details | sha1 | 1 | 29f03c2651f1f555ec55d0cbee0d937c859c47af |
|
| Details | sha1 | 1 | 2c71a5896716b12742be84f11a2b6644cb1d08d5 |
|
| Details | sha1 | 1 | 350618e55e6c7c2c572f7ba22319991881c956c9 |
|
| Details | sha1 | 1 | 40050a73fdb3dee718a77c2b300ca7d1c1a62b96 |
|
| Details | sha1 | 1 | 7c179f13f2e16bb77df0ef0105368be66477cb56 |
|
| Details | sha1 | 1 | 7d6c9f8b025cf5dcf2a214b3f407e46d2174d4d5 |
|
| Details | sha1 | 1 | 7ee216ddb55b31f6657d5ef2f4b383ca5205ca11 |
|
| Details | sha1 | 1 | b3e8a2cfa3c711b4cca896e586fc2c0dd1a64576 |
|
| Details | sha1 | 1 | ca6bb68098d965fc6d22e236d7147905a8a5b313 |
|
| Details | sha1 | 1 | db7b06a0b551892ec93fe06fa3df4da07b3b407c |
|
| Details | sha1 | 1 | e13bcdcf48575579f1b6ec923cf0a61c6c9be1d0 |
|
| Details | sha1 | 1 | efec9d9d8234ac7bee2482601cb44f295d72bf47 |
|
| Details | sha1 | 1 | 981c98fa370ee934a2754a457a830bcf1e381fbe |
|
| Details | sha1 | 1 | ce0b09339b565a6613b505a372f83f4003a81190 |
|
| Details | sha1 | 1 | 1a5aefbf734564b499f2c0f7269da4b6ed1d95f6 |
|
| Details | sha1 | 1 | 7f3f31249c0390846df9ffdcb246ae49bc9fa1a4 |
|
| Details | Windows Registry Key | 582 | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run |