Rewterz Threat Advisory – A Malspam campaign circulating the Lokibot Malware - Rewterz
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
Type | Value |
---|---|
UUID | 89cd7dff-2683-4609-a380-fb307a1271b4 |
Fingerprint | 85073939b7034fc7 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 5, 2018, 5:45 p.m. |
Added to db | Dec. 19, 2024, 2:14 a.m. |
Last updated | Dec. 19, 2024, 9:48 p.m. |
Headline | Rewterz Threat Advisory – A Malspam campaign circulating the Lokibot Malware |
Title | Rewterz Threat Advisory – A Malspam campaign circulating the Lokibot Malware - Rewterz |
Detected Hints/Tags/Attributes | 27/2/15 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 68 | cve-2018-15982 |
|
Details | CVE | 3 | cve-2018-15983 |
|
Details | Domain | 3 | doko.moe |
|
Details | Domain | 1 | mccourtmfg.com |
|
Details | Domain | 1 | sir-iyke.com |
|
Details | Domain | 1 | decvit.ga |
|
Details | Domain | 87 | rewterz.com |
|
Details | 1 | sharon@mccourtmfg.com |
||
Details | 54 | soc@rewterz.com |
||
Details | sha256 | 1 | 58cea3c44da13386b5acfe0e11cf8362a366e7b91bf9fc1aad7061f68223c5a8 |
|
Details | sha256 | 1 | b8b6ee5387befd762ecce0e146bd0a6465239fa0785869f05fa58bdd25335d3e |
|
Details | IPv4 | 1 | 191.101.23.150 |
|
Details | IPv4 | 1 | 169.255.59.27 |
|
Details | IPv4 | 1 | 185.83.215.3 |
|
Details | IPv4 | 1 | 199.192.27.109 |