50 Domains Worth Blocking: The Evolution of ViperSoftX's Underreported DGA | tweedge's blog
Tags
country: India Italy
maec-delivery-vectors: Watering Hole
attack-pattern: Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Scheduled Task - T1053.005 Server - T1583.004 Server - T1584.004 Software - T1592.002 Browser Extensions - T1176 Powershell - T1086 Scheduled Task - T1053
Show in Graph
Common Information
Type Value
UUID 91372d18-7136-4db5-b2f2-76deaebd3605
Fingerprint a40388d2082367cb
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 14, 2022, midnight
Added to db Aug. 30, 2024, 11:46 p.m.
Last updated Nov. 18, 2024, 1:24 p.m.
Headline 50 Domains Worth Blocking: The Evolution of ViperSoftX's Underreported DGA
Title 50 Domains Worth Blocking: The Evolution of ViperSoftX's Underreported DGA | tweedge's blog
Detected Hints/Tags/Attributes 64/3/14
Source URLs
Redirection Url
Details Source https://chris.partridge.tech/2022/evolution-of-vipersoftx-dga/
URL Provider
Details Provider Source level domain
Details partridge.tech chris.partridge.tech
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 83 tweedge's blog https://chris.partridge.tech/feed.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 3 
wmail-service.com
Details Domain 1 
malwareremoval.com
Details Domain 5 
io.directory
Details Domain 2 
wmail-endpoint.com
Details Domain 1 
whirlpool.net.au
Details Domain 1 
bideo-cdn.com
Details Domain 1 
fairu-blog.xyz
Details Domain 3 
wmail-blog.com
Details Domain 1 
ms.read
Details File 1212 
powershell.exe
Details File 1 
c:\windows\system32\drivers\skvsjq0d9\da4a1f43-f9e8-4a62-988d-3ddac0ece249.sys
Details File 2130 
cmd.exe
Details Url 1 
http://wmail-service.com/v1/3f6ef4a8-13dc-425f-bf60-1964e1d1da02?v=mig2
Details Url 1 
http://wmail-service.com/v1/cecce2da-ef51-4d10-b16a-726eebc7e043?v=downloads_counter12