Domen toolkit gets back to work with new malvertising campaign | Malwarebytes Labs
Common Information
Type Value
UUID 8e7700a3-4dcb-4709-b967-7e9dcbcf593f
Fingerprint e9cce9586974f75
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 28, 2020, midnight
Added to db Jan. 18, 2023, 8:35 p.m.
Last updated Nov. 18, 2024, 5:21 p.m.
Headline Domen toolkit gets back to work with new malvertising campaign
Title Domen toolkit gets back to work with new malvertising campaign | Malwarebytes Labs
Detected Hints/Tags/Attributes 32/2/21
Attributes