Sykipot APT Malware
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 8d266167-e73d-463f-9392-0c9f92b83954 |
| Fingerprint | d243d4925b20e83 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 22, 2016, 5:40 p.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | NetWitness Community |
| Title | Sykipot APT Malware |
| Detected Hints/Tags/Attributes | 41/1/44 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://community.rsa.com/thread/185437 |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | motor.hyundei-motor.com |
|
| Details | Domain | 1 | onesfocus.com |
|
| Details | Domain | 1 | strongtable.3322.org |
|
| Details | Domain | 2 | notes.topix21century.com |
|
| Details | Domain | 1 | map.kortimes.com |
|
| Details | Domain | 1 | chosunkor.com |
|
| Details | Domain | 1 | racingfax.com |
|
| Details | Domain | 1 | news.marinetimemac.com |
|
| Details | Domain | 1 | hotgreenlight.com |
|
| Details | Domain | 1 | sports.hotgreenlight.com |
|
| Details | Domain | 4 | mysundayparty.com |
|
| Details | Domain | 4 | news.mysundayparty.com |
|
| Details | Domain | 1 | movieshowgirl.com |
|
| Details | Domain | 1 | moto.sourceinsightonline.com |
|
| Details | Domain | 1 | happybehere.com |
|
| Details | Domain | 2 | music.defense-association.com |
|
| Details | Domain | 1 | altchksrv.hostdefence.net |
|
| Details | File | 1 | msrt.exe |
|
| Details | File | 1 | %temp%\msrt.exe |
|
| Details | File | 1 | c:\windows\system32\msrt.exe |
|
| Details | File | 1 | %windir%\system32\msrt.exe |
|
| Details | File | 1 | %windir%\system32\wship4.dll |
|
| Details | File | 1 | siop.exe |
|
| Details | File | 1 | %temp%\siop.exe |
|
| Details | File | 1 | %temp%\rsm.dll |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 2 | wship4.dll |
|
| Details | File | 7 | kys_allow_get.asp |
|
| Details | File | 1 | 'kys_allow_get.asp |
|
| Details | md5 | 1 | 4f90ffbdf64fd1b2b96324378007aa8c |
|
| Details | md5 | 1 | 1747e47baee61e06d1ee0e4d1c3649bf |
|
| Details | sha1 | 1 | 736537d5c264e5a784d3fda128d9d8e7f88f8274 |
|
| Details | sha1 | 1 | 06bb28927fe12aeb5e70d2e518abf5b9796cda9d |
|
| Details | sha256 | 1 | c13eb82839e133da2c8881c6690c91f3e20e145050b8b58ffef206335fd38e77 |
|
| Details | sha256 | 1 | 5ce4a75d368a337cfbd16c8eab3b8fbd0fb99d1d7d3d27636a9b36e9fa0e4859 |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\ControlSet001\Services\helpsvcc\ImagePath |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\ControlSet001\Services\helpsvcc\DisplayName |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\ControlSet001\Services\helpsvcc\Description |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\CurrentControlSet\Services\helpsvcc\ImagePath |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\CurrentControlSet\Services\helpsvcc\DisplayName |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\CurrentControlSet\Services\helpsvcc\Description |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\ControlSet001\Services\helpsvcc\Start |
|
| Details | Windows Registry Key | 1 | HKLM\SYSTEM\CurrentControlSet\Services\helpsvcc\Start |
|
| Details | Windows Registry Key | 1 | HKU\Software\Microsoft\Windows\CurrentVersion\Run\start |