The Cloud Atlas group uses the new VBCloud backdoor to steal data
Common Information
Type Value
UUID 8dfac581-6d4c-4b15-8732-3dfef5248036
Fingerprint 72a00eb750f19b6f
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 19, 2024, 1 p.m.
Added to db Dec. 21, 2024, 4:48 a.m.
Last updated Dec. 24, 2024, 9:47 a.m.
Headline A new tool in Cloud Atlas attacks
Title The Cloud Atlas group uses the new VBCloud backdoor to steal data
Detected Hints/Tags/Attributes 20/1/83
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 224 Securelist https://securelist.ru/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 145
cve-2018-0802