Threat Round Up for December 29 - January 5
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 93bdfe83-ea4a-4908-bb71-3aa279ee14bb |
| Fingerprint | 3464ec4b12f64edd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 5, 2018, 2:46 p.m. |
| Added to db | Oct. 9, 2022, 4:17 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Vulnerability Information |
| Title | Threat Round Up for December 29 - January 5 |
| Detected Hints/Tags/Attributes | 42/2/187 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.talosintelligence.com/2018/01/threat-round-up-1229-0105.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 57 | cve-2017-8759 |
|
| Details | Domain | 904 | snort.org |
|
| Details | Domain | 224 | clamav.net |
|
| Details | Domain | 1 | jas-pol.com.pl |
|
| Details | Domain | 1 | weekendfakc.top |
|
| Details | Domain | 1 | pragmaticinquiry.org |
|
| Details | Domain | 2 | teknik.io |
|
| Details | Domain | 1 | kistags.com |
|
| Details | Domain | 1 | graceland2017.com |
|
| Details | Domain | 1 | 0i3tenrainy.loan |
|
| Details | Domain | 1 | goochandhousego.pro |
|
| Details | Domain | 1 | dayi-yc.com |
|
| Details | Domain | 2 | www.murphysisters.org |
|
| Details | Domain | 1 | www.wholists.org |
|
| Details | File | 12 | slide1.xml |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\temp\inue8.bat |
|
| Details | File | 1 | %appdata%\localservice\wn-lbzpms.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\temp\mo-r.exe |
|
| Details | File | 1 | %appdata%\localservice\mo-r.exe |
|
| Details | File | 1 | %temp%\ecmjtqf.bat |
|
| Details | File | 1 | %temp%\wn-lbzpms.exe |
|
| Details | File | 1 | %temp%\aspnetsetup_00001.log |
|
| Details | File | 1 | updater.log |
|
| Details | File | 4 | read___me.html |
|
| Details | File | 1 | %temp%\aspnetsetup.log |
|
| Details | File | 1 | %programfiles%\rfjd\confighbch.exe |
|
| Details | File | 9 | 0.cs |
|
| Details | File | 1 | %temp%\i02bp4bi.dll |
|
| Details | File | 1 | %temp%\tmp95d4.exe |
|
| Details | File | 1 | %temp%\tmp970e.exe |
|
| Details | File | 1 | %appdata%\roaming\982pqqp9\982logrc.ini |
|
| Details | File | 16 | %temp%\svchost.exe |
|
| Details | File | 1 | %appdata%\roaming\982pqqp9\982logim.jpeg |
|
| Details | File | 1 | %appdata%\roaming\982pqqp9\982logrv.ini |
|
| Details | File | 1 | %appdata%\roaming\tmp.exe |
|
| Details | File | 1 | %systemroot%\syswow64\com\soapassembly\http100u4teknik4io0hukzo4png.dll |
|
| Details | File | 1 | facaqkyu.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\all users\lgwg.txt |
|
| Details | File | 1 | noowsyqi.bat |
|
| Details | File | 19 | internat.exe |
|
| Details | File | 1 | cymycvgmtt.exe |
|
| Details | File | 3 | deviceconfigmanager.exe |
|
| Details | File | 3 | %appdata%\winmgr.txt |
|
| Details | File | 243 | autorun.inf |
|
| Details | File | 1 | ftoidjlwgv.exe |
|
| Details | File | 2 | deviceconfigmanager.bat |
|
| Details | File | 1 | %windir%\m-5050572947025827857375865240\winmgr.exe |
|
| Details | File | 3 | deviceconfigmanager.vbs |
|
| Details | File | 1 | rdwpamlgaz.bat |
|
| Details | File | 31 | lsm.exe |
|
| Details | File | 1 | %appdata%\clipsrv.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\application data\microsoft\windows\lsm.exe |
|
| Details | File | 172 | dllhost.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\application data\spoolsv.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\all users\microsoft\rcx2.tmp |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\application data\rcx8.tmp |
|
| Details | File | 1 | rcx6.tmp |
|
| Details | File | 1 | %appdata%\ieudinit.exe |
|
| Details | File | 3 | clipsrv.exe |
|
| Details | File | 1 | d0a08beb99882af4b1771426905ee556.exe |
|
| Details | File | 4 | dllhst3g.exe |
|
| Details | File | 119 | smss.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\application data\microsoft\windows\rcx4.tmp |
|
| Details | File | 1 | %windir%\syswow64\drivers\ieudinit.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\application data\dllhst3g.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\all users\microsoft\mstinit.exe |
|
| Details | File | 1 | %systemdrive%\documents and settings\administrator\local settings\application data\microsoft\esentutl.exe |
|
| Details | File | 1 | %windir%\spoolsv.exe |
|
| Details | File | 3 | rsvp.exe |
|
| Details | File | 1 | %windir%\logman.exe |
|
| Details | md5 | 1 | d0a08beb99882af4b1771426905ee556 |
|
| Details | sha256 | 1 | 3e5a5c672052182d9d10b0d094f07ec67f182939556c90f66236d75d4e795cd6 |
|
| Details | sha256 | 1 | 07a1d83e2fdce0b0383fc05e2931d3aa557e3eeeeca50762258431ecf6fc2c50 |
|
| Details | sha256 | 1 | 024782b5d080879af2a7a4280d262929e85e9815b2b37e9aeb6384a26e97895e |
|
| Details | sha256 | 1 | 0ad1db5a012d54fe11b06cf8b8822135e5285e21ab99e7ae5c8ca1892836375b |
|
| Details | sha256 | 1 | 1283fc95f56f1f32dcfeb5ec042a53f6e0dbd05d49c5bbc892e389cfc5613d9a |
|
| Details | sha256 | 1 | 1a5257c6cd2e03848758d9541cbf4918194ff33669029a06baee9317d1a9a527 |
|
| Details | sha256 | 1 | 211e5c8d07af1e6b61acb7af8bb1e0fefe25bee88275f2db8d53f868dc991e0e |
|
| Details | sha256 | 1 | 23c8026cd6414fa083f83c856c9142af5905747eabb32d0d0d839e21f941bf3e |
|
| Details | sha256 | 1 | 25191548ef2032df4acb687d940854f134de3aa738b69fc578e5397e95496afd |
|
| Details | sha256 | 1 | 28f9a67de7f6b79b4bf66da9d114c723e16d619f6787257eff856c71b1c7047f |
|
| Details | sha256 | 1 | 29062cd2c2d09199fc0716485e0e3a1fff880195a92c78ecd5f0e5184ac07820 |
|
| Details | sha256 | 1 | 2b24aa417d6ab02fa9f82be1a41bc8c2e5de814057ed76074e2960d74f31d2d1 |
|
| Details | sha256 | 1 | a3f68a31db23b9c7312219990bfe27bf9bb7c158fde4200c0af7a985bd7ac97d |
|
| Details | sha256 | 1 | d4a8da30821df543407bcbbc25bf2a89db3d3f5c8d49fddeddaecd3b47c111ef |
|
| Details | sha256 | 1 | a9db16baffc0b92aacae6647952fc2d32673998fc035493d50d32bad5bceb516 |
|
| Details | sha256 | 1 | f07f747978b7d8bed904ccadbcc49f184bc16e872f22d7b53b1030bc22ebd794 |
|
| Details | sha256 | 1 | 9b48b6bc6ee491a2b180d6b353ae8f8da230f27a0cdfc1757c58a4819664b790 |
|
| Details | sha256 | 1 | 0c51e3df0b09f14e04b268102afc9342c35fcc2460c645f9c8d21b2413910d32 |
|
| Details | sha256 | 1 | 0cfdad54484cf1d4ff9be267469edefdb98e963ffabd6beeb081a208e3fca9ac |
|
| Details | sha256 | 1 | 1c2f0a28b5c13eb2967078d947924c9a4a5f8f845d3899986df19e8a166d3ec0 |
|
| Details | sha256 | 1 | 241f83caf5c5a23a1d7adbeaa8c392da0edadff362f41bbb5727dc71887048c4 |
|
| Details | sha256 | 1 | 305790984d5ffa713794c1732eea4f83f18da6926e415a490b2fc090f2c4e8dc |
|
| Details | sha256 | 1 | 305f855ff8d47be5cc2d57e137a436bb2e17b1783f6cc5b8302c2df56b75afd7 |
|
| Details | sha256 | 1 | 32d85f3dded85d0375965a50991ddb7b608166f51a12b297ae981348119512da |
|
| Details | sha256 | 1 | 36fc2029280816810324e3be9cf3a4257f0dbb1a8b11eaffdbacdead863aaf44 |
|
| Details | sha256 | 1 | 3abdf9d8249e3cc7507529aec80d93551f1fcd714a61861a69c059662aa39e9f |
|
| Details | sha256 | 1 | 495b93c1a9940e94c14063b1e52877864d54fb544a3a32e923b0530cb03c96cf |
|
| Details | sha256 | 1 | 4c04d8aeebdd0eb1747a9a66b10e4681328a03edcbcbd0e9921c4a74367bbd08 |
|
| Details | sha256 | 1 | 580b05987531aa4ef4bed150bd51fdbbcad5f95abb63e8439e3d4bb07eb68598 |
|
| Details | sha256 | 1 | 5c4d5f6d7d0a8d4e805c1341cadf76a924aa2fe6437d432d96f103c4319e84c2 |
|
| Details | sha256 | 1 | 6e35534f8b79187dbe2fbdd1b0a21b03752a89df5981cb6fb89154eb7b34a087 |
|
| Details | sha256 | 1 | 8f36a3ebcb2714d7f6d99d8d0672bcdf16980da788331953cba52c21fde64efb |
|
| Details | sha256 | 1 | 962beb562acef288c5ef09f14e366d7ff3f51a00dd28b3dc5c0e388c92d3c0a2 |
|
| Details | sha256 | 1 | c2f482372523031b880b7a4f1909b30b5aa20304d0a691309484ad49a0c451d5 |
|
| Details | sha256 | 1 | cab8fcbe8bce311464418e2fcd05e55353255c511e698726e009f075de82e2ea |
|
| Details | sha256 | 1 | ce5d33fb70fc7834d8faa7749d5cedbcb6b0958105ebe94633e2daba897612ef |
|
| Details | sha256 | 1 | d18256e9f4062259e941028c531c5219b63446a35c524ef00554c69de2110e98 |
|
| Details | sha256 | 1 | 22ae9fc528b63ecfe163c2b4c472e68869e049023be009ef118c59346247082d |
|
| Details | sha256 | 1 | 129bddde9c3cb01c69d92d9029d5da963a0dd5a72143054f9fa97471a388e9c0 |
|
| Details | sha256 | 1 | 2d92ee55d56e96822aca748c7d69344d90a663e0db77e7ddd0ce9befa54aba98 |
|
| Details | sha256 | 1 | 3894ba1250493f0798f9212fc20e96e8114dcc218850fef13979410dc63affba |
|
| Details | sha256 | 1 | 3a26d63160a43b64ee4f4adba0a5c19cb3ee6db2dc44c0ffb7b72b621548c4f8 |
|
| Details | sha256 | 1 | 4b4efd1527b404064604707dbf7a143745d764629d6cfcc05a6c204b66238db8 |
|
| Details | sha256 | 1 | 56b951fe25e1d0266dd49eba6b127efe63c49d71063533cee2ba3bb7eac08744 |
|
| Details | sha256 | 1 | 56ede7ef1d1e5216231c847eead200bc8b5c5f8ef7ac8389b7dc5f069b37831d |
|
| Details | sha256 | 1 | 650abb87b45b41a344c677c0d6bb6a13cbe9a66785b87a0f2ff3fb378220448c |
|
| Details | sha256 | 1 | 72399fbb24239a2e1897132ad0e3270103c727253275009e010c74a94f36700d |
|
| Details | sha256 | 1 | 7b58861aab0a53cac5ac90af09723703fb47fda584fc66212ff663c52a8150a4 |
|
| Details | sha256 | 1 | 7ed5fec1aabe2e91524a9a84d2c4f4d29a8da5777289023c40ffbcc7810b2ee8 |
|
| Details | sha256 | 1 | 84593a125442a9541b2992a2934f4db5cbe1a87b6e5f5edd17982e677667c53f |
|
| Details | sha256 | 1 | 9f9217702cc1d59edc29007f745eeec78118941f3d4f99b2f664a9677867ffb6 |
|
| Details | sha256 | 1 | b28a3bd9be8ec8d9dec980896002d84e2544acb2625e1acbbe8351d57b2b6cfc |
|
| Details | sha256 | 1 | c0ed86aab56032d1ba313aa6b5eaabcd687caa28937f56f23832206f81ec1271 |
|
| Details | sha256 | 1 | c5b450ac63234f3d23ace0379486a33788187f14b47801971ad96ace76f85410 |
|
| Details | sha256 | 1 | cd32c7982ceca8711ec2f6c7ad83103db41b5d2c644b9beee07c81f92efa30a5 |
|
| Details | sha256 | 1 | 1ff90f71632162646145cd91a22fdb24683cb25e54254f9c311d54cbc633fb92 |
|
| Details | sha256 | 1 | 377a4c54239536019cef4c3fb2ed835a0142f58d64bc0bf49063440b7700a0b7 |
|
| Details | sha256 | 1 | aff6517827847137411d37bafc0aee2915e87b9d2494493c1723634ba1014792 |
|
| Details | sha256 | 1 | 38c7c22fd8526dd108422befd6fd38212ef45fb30db3272d5016fa942cd2323d |
|
| Details | sha256 | 1 | 3ab0d96b041b994d6f32a4351120b822d39b681d2c5133f12bb507fe2fb66e19 |
|
| Details | sha256 | 1 | ca8eb5e89426e3c6771a72cffac6998abce9ca2a6011207691e47df1738cdeb6 |
|
| Details | sha256 | 1 | 8957b057803dd6369f877c359b96423b61129fa3f68257c272644e1d56c7c667 |
|
| Details | sha256 | 1 | c4471377f58643e454ef33f21dc65f696567bf8700ae120caac5086f85bfeace |
|
| Details | sha256 | 1 | 64fac9307649854e520f733df3df40ed960650103a78b8460488319156e059cf |
|
| Details | sha256 | 1 | 1dd699b7fdb082c35677938f6f064e02e226033f995189889799adac08811a18 |
|
| Details | sha256 | 1 | 9ca5fd8ee403b418f92118836171b72a334caeb94fae9b5b46d6246742bf1345 |
|
| Details | sha256 | 1 | 78286db82473a9f1eddba51f39333a77c2b30fb582e9fe3e71d2924e060eb273 |
|
| Details | sha256 | 1 | 7e888fabc1451dce556864690cc55e70c8236db2a7b01b8726af0a5700ebafea |
|
| Details | sha256 | 1 | 6f15dc426b87da591d0a2d4965558a22857e2b1c8e1e6fdfe9c36c8a4b50a99c |
|
| Details | sha256 | 1 | 22bcff79015a6f2d450ff4713bc1a195f6333444e96e616fb070ccf885f790ad |
|
| Details | sha256 | 1 | c06da956f726a78aff82e8c2ec2ed7989f227ac560511512fd609574685f6c4f |
|
| Details | sha256 | 1 | e474e51a6f29b9e32702445797ef4baaa96b1e30fa3f212ae2953bbb843a559b |
|
| Details | sha256 | 1 | c9329790645ae7404cd3c746b9a26bcd667b6c1c45f727e504d0833d04726488 |
|
| Details | sha256 | 1 | b95a5e8f1dc23677e9e700b44d014aeee127869e46af6a674f93d34da3c606d0 |
|
| Details | sha256 | 1 | f3ee9f0be76f80faaa683ef580e3f018e1e0108e5b4457bad379e99dda2c627f |
|
| Details | sha256 | 1 | b010ae9122a8651be194c5bc3d49540d51287040f1a1f066e193835f942277a9 |
|
| Details | sha256 | 1 | d775f05eb68ce4ef44776de0ad2b3c6181ad6a99813612a1ce3cc8b453359482 |
|
| Details | sha256 | 1 | a3940c00bd3e8d07eb70cd23148d030a473f134a7aa19ff6b777862af6d5f8e3 |
|
| Details | sha256 | 1 | 2104784585c92828df37feab86fcabddf3ffdb2718dfc3718ae529ad9c4956e0 |
|
| Details | sha256 | 1 | 43d2b149b3e4fd33b03321d2bfb6980734d3725483fee21cd996f280618865d9 |
|
| Details | sha256 | 1 | 9e7ae2436474bbad1e9ce20f8fc7a294586fde89c39b3bd2e2fd257d269ca636 |
|
| Details | sha256 | 1 | 10c96fcbeee7e93309abc9616958ef214953f512f236ddff2db39f12a8f4a817 |
|
| Details | sha256 | 1 | 08c9fedfcf1100f8450ad930a55a2cbf7dcc0fa88b646da2c5916ff42565c575 |
|
| Details | sha256 | 1 | 113e003896939e85f048e528b6f50fa9e984009fe2677143c7cfaad9ee693293 |
|
| Details | sha256 | 1 | 0d136160f510d87af7edeeb1533979a5cdc1d1511528798d5871bbb88bb1f0f4 |
|
| Details | sha256 | 1 | 33fd94f82800a1f8551e73aebbbac4169c3c08cbe12c69e9fab52875d56c96bc |
|
| Details | sha256 | 1 | 1b6651d1e43c7ff8dd291d178b8bad9fbfd1bb426d49da419ee7e4a4d7912ba1 |
|
| Details | sha256 | 1 | 1cfd3043ecc8fd7c254201fcafe6865dfdb1c0d6ccc343d0e62e1cab261fefa3 |
|
| Details | sha256 | 1 | 201c0ca83973186aab93376147f1b60d009ef13ec827d0de5d19b483d3c0f353 |
|
| Details | sha256 | 1 | 23db71997ed2f558e06232f600d3cc7b4e5eb58f18039923127c5b4fa7fec2f9 |
|
| Details | sha256 | 1 | 26f1a92cb36e4caff3fccc45fba269647410fbee71cc4f4a00e5d4c282ba01f8 |
|
| Details | sha256 | 1 | 2ab47d6d82225c62487054db91e804418060b3334531e09d96dc6d3630fa54b3 |
|
| Details | sha256 | 1 | 34ae5c841f6e992fe09979fff521d2e8367385260cf73112e79ce656e952bbb5 |
|
| Details | sha256 | 1 | 564ace4ef8e2c3aab367969748e02a0dee555733e9085fcc0a86b9f1b70fb7b3 |
|
| Details | sha256 | 1 | ec3075ac9775e3c41bc8227a00ef76905bbd96a62b813c99f277865ff353c5ce |
|
| Details | sha256 | 1 | f4b6b76dec96cc9d530dd6cb64bdd743a115a12a7b03e41f7ec737e4d80b6850 |
|
| Details | sha256 | 1 | b1da876da56ba09770d594765727d167bf1a655247f094360e032a35d3d41461 |
|
| Details | sha256 | 1 | b82ebd17236c41d9e457f640a2871695326ef8014ebd71b7a5f37d8b2c3a4522 |
|
| Details | sha256 | 1 | b3f5ad44f682104d536c60832d2064f71d3261ffbf0e1555c236a36b505619d3 |
|
| Details | sha256 | 1 | a27376262110767a28e376b723caa46d3cc50d33da60029df8e7af024ff67be9 |
|
| Details | sha256 | 1 | f1b2bbf13bde9ce65cbe1cee7e3d86a61e0511f206ae74589329dc1fffc5f7e0 |
|
| Details | sha256 | 1 | 17023d977e2b041c8a1994e7ae69b65e10f7097febefc9b47817dd9f7985cd52 |
|
| Details | sha256 | 1 | e5c95545895dc13626b3f20b47fe2f0f1b5dc3915fef44c3c7a5352e95beb382 |
|
| Details | sha256 | 1 | 6d1b40fbdcad0c96c687f661469e39b7b10a0b083a9ea3c9f6bb959c284df149 |
|
| Details | sha256 | 1 | 7d1ae051d633a3ed3c0991aaa3ed63357804a80e67dd19ae5deab71e525947a6 |
|
| Details | sha256 | 1 | 799e5b77de09f7971f0187b69266e45f70e0cda170c615c604806ec2444ab89a |
|
| Details | sha256 | 1 | 910b590e28bc72bc14c05d47a026ed56928ea8b6608f626555d955beccb719c8 |
|
| Details | sha256 | 1 | 7d326add0d36be4543317c4d14823e2cb380f7b07bacc1f893ec86bdd0b04468 |
|
| Details | sha256 | 1 | 5af23d9dedc83e1fe8c808fe62d858767dd95f2b9402fa785072cc7247a2e4c6 |
|
| Details | sha256 | 1 | bf828a8f3fb1a27532aa9f3fb0383a1ce3418f7dd52cefa4264ab2e3e941e8d9 |
|
| Details | IPv4 | 1 | 89.161.153.74 |
|
| Details | IPv4 | 1 | 98.124.252.145 |
|
| Details | IPv4 | 4 | 220.181.87.80 |
|
| Details | IPv4 | 2 | 69.49.96.16 |
|
| Details | IPv4 | 142 | 192.168.0.1 |
|
| Details | Pdb | 1 | %systemroot%\syswow64\com\soapassembly\http100u4teknik4io0hukzo4png.pdb |