MDR in Action: Preventing The More_eggs Backdoor From Hatching
Tags
Common Information
Type | Value |
---|---|
UUID | 8920dc70-4c20-41e3-a04e-b7960fffc271 |
Fingerprint | ad9589dba8b64fe9 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Sept. 30, 2024, midnight |
Added to db | Sept. 30, 2024, 5:47 p.m. |
Last updated | Oct. 12, 2024, 3:01 a.m. |
Headline | MDR in Action: Preventing The More_eggs Backdoor From Hatching |
Title | MDR in Action: Preventing The More_eggs Backdoor From Hatching |
Detected Hints/Tags/Attributes | 97/4/33 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 119 | ✔ | Trend Micro Research, News and Perspectives | https://feeds.feedburner.com/TrendMicroSimplySecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 5 | cboins.zip |
|
Details | Domain | 2 | 36hbhv.johncboins.com |
|
Details | Domain | 2 | webmail.raysilkman.com |
|
Details | Domain | 2 | 1212055764.johncboins.com |
|
Details | Domain | 1085 | gmail.com |
|
Details | 2 | fayereed11@gmail.com |
||
Details | File | 5 | cboins.zip |
|
Details | File | 2 | 6.jpeg |
|
Details | File | 1974 | cmd.exe |
|
Details | File | 3 | ieuinit.inf |
|
Details | File | 11 | ie4uinit.exe |
|
Details | File | 1 | 38804.dll |
|
Details | File | 438 | regsvr32.exe |
|
Details | File | 1 | d30f38d93ca9185.txt |
|
Details | File | 1 | 765bbca08c0e9cb6.txt |
|
Details | File | 23 | msxsl.exe |
|
Details | File | 144 | cscript.exe |
|
Details | File | 356 | notepad.exe |
|
Details | File | 10 | typeperf.exe |
|
Details | File | 3 | 6.jpg |
|
Details | File | 1 | 39220.dll |
|
Details | File | 3 | trojanspy.js |
|
Details | File | 1 | %appdata%\ microsoft\d30f38d93ca9185.txt |
|
Details | md5 | 2 | 036e91fc8cc899cc20f7e011fa6a0861 |
|
Details | sha256 | 2 | ccf8276b55398030b6b7269136c5ee26a5c422d68793dc9ec5adee79a057c7f4 |
|
Details | sha256 | 2 | f2196309bc97e22447f6e168a9afbbb4291edd1cca51bf3789939c3618a63ec0 |
|
Details | sha256 | 2 | 3beda3377b060a89b41553485e06e42b69d10610f21a4a443f75b39605397271 |
|
Details | Threat Actor Identifier - FIN | 69 | FIN6 |
|
Details | Url | 1 | http://36hbhv.johncboins.com/fjkabrhhg. |
|
Details | Url | 2 | http://36hbhv.johncboins.com/fjkabrhhg |
|
Details | Url | 2 | https://webmail.raysilkman.com |
|
Details | Url | 2 | https://1212055764.johncboins.com/some/036e91fc8cc899cc20f7e011fa6a0861/sbosf |
|
Details | Windows Registry Key | 11 | HKCU\Environment |