The strange case of Gamarue propagation - Microsoft Security Blog
Tags
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001
Show in Graph
Common Information
Type Value
UUID 8d2d2a55-8b99-4c9c-a905-518f3816c99d
Fingerprint e49f0912e42fe25f
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 27, 2013, 8:01 p.m.
Added to db Jan. 18, 2023, 9:18 p.m.
Last updated Nov. 12, 2024, 6:45 p.m.
Headline The strange case of Gamarue propagation
Title The strange case of Gamarue propagation - Microsoft Security Blog
Detected Hints/Tags/Attributes 24/1/7
Source URLs
Redirection Url
Details Source https://cloudblogs.microsoft.com/microsoftsecure/2013/02/27/the-strange-case-of-gamarue-propagation/
URL Provider
Details Provider Source level domain
Details microsoft.com cloudblogs.microsoft.com
Attributes
Details Type #Events CTI Value
Details File 196 
desktop.ini
Details File 143 
thumbs.db
Details File 1 
temptrustedinstaller.exe
Details File 14 
trustedinstaller.exe
Details File 2 
%system%wuauclt.exe
Details Windows Registry Key 2 
HKCUSOFTWAREe_magic
Details Windows Registry Key 1 
HKLMSOFTWAREMicrosoft