ioc[.]one - OSINT Cyber Threat Intelligence Database

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims - CyberSRC

Tags

cmtmf-attack-pattern:	Masquerading
country:	Brazil China Mexico Taiwan United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Credentials - T1589.001 Credentials From Web Browsers - T1555.003 Credentials From Web Browsers - T1503 Dll Side-Loading - T1574.002 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Hardware - T1592.001 Impersonation - T1656 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Software - T1592.002 Ssl Pinning - T1521.003 Vulnerabilities - T1588.006 Dll Side-Loading - T1073 Masquerading - T1036 Third-Party Software - T1072 Masquerading

Show in Graph

Common Information

Type	Value
UUID	87d4b53b-64ab-43f0-a168-03e30c559d7c
Fingerprint	850b9d1aa1332689
Analysis status	DONE
Considered CTI value	1
Text language
Published	Nov. 8, 2024, 4:31 a.m.
Added to db	Nov. 8, 2024, 5:39 a.m.
Last updated	Nov. 14, 2024, 10:54 p.m.
Headline	SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
Title	SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims - CyberSRC
Detected Hints/Tags/Attributes	119/4/8

Source URLs

	Redirection	Url
Details	Source	https://cybersrcc.com/2024/11/08/steelfox-and-rhadamanthys-malware-use-copyright-scams-driver-exploits-to-target-victims/

URL Provider

Details	Provider	Source level domain
Details	cybersrcc.com	cybersrcc.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	94	✔	CyberSRC	https://cybersrcc.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	12		cve-2020-14979
Details	CVE	11		cve-2021-41285
Details	Domain	29		appspot.com
Details	File	16		winring0.sys
Details	File	4		malicious.dll
Details	File	1		setup_foxiteditor.exe
Details	File	1		install_jetbrains.exe
Details	Windows Registry Key	48		HKLM\Software\Microsoft\Windows\CurrentVersion\Run