Usage of Tor by Tinba malware
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 93bba26f-8683-49d4-a3a3-53a108d8c5d1 |
| Fingerprint | 3409069705a7b7d5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 1, 2016, midnight |
| Added to db | Jan. 18, 2023, 7:32 p.m. |
| Last updated | Nov. 18, 2024, 3:20 p.m. |
| Headline | Some stuff about security.. |
| Title | Usage of Tor by Tinba malware |
| Detected Hints/Tags/Attributes | 28/2/15 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://blog.angelalonso.es/2016/02/usage-of-tor-by-malware-timbai.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | b3pepirxq7l2aybj.onion.link |
|
| Details | Domain | 6 | onion.link |
|
| Details | Domain | 1 | www.onion.link |
|
| Details | Domain | 1 | b3pepirxq7l2aybj.onion |
|
| Details | Domain | 131 | api.ipify.org |
|
| Details | Domain | 1 | www.ipify.org |
|
| Details | File | 1 | 'verifikation.exe |
|
| Details | File | 4 | faq.html |
|
| Details | File | 8 | status.php |
|
| Details | md5 | 1 | d770040d2bf4c12c9dc8fd1bfc23bc9b |
|
| Details | Url | 1 | http://www.onion.link/faq.html |
|
| Details | Url | 1 | http://b3pepirxq7l2aybj.onion |
|
| Details | Url | 1 | https://api.ipify.org/?format=jsonp&callback=getip"></script><script>document.write |
|
| Details | Url | 1 | https://www.ipify.org |
|
| Details | Url | 1 | http://b3pepirxq7l2aybj.onion.link/ajax/status.php?cmdid=8&gettype=t&id=149&ip=x.x.x.x |