ioc[.]one - OSINT Cyber Threat Intelligence Database

New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store - Check Point Research

Tags

country:	Bermuda Bulgaria Spain Sweden Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Direct Cloud Account - T1087.004 Cloud Account - T1136.003 Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Seo Poisoning - T1608.006 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Social Media Accounts - T1585.001 Social Media Accounts - T1586.001

Show in Graph

Common Information

Type	Value
UUID	94c750cd-1960-4ef4-9482-03d592558b49
Fingerprint	a500862985ba86c1
Analysis status	DONE
Considered CTI value	2
Text language
Published	Feb. 24, 2022, 10:56 a.m.
Added to db	Sept. 26, 2022, 9:34 a.m.
Last updated	Nov. 19, 2024, 4:54 p.m.
Headline	New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft’s Official Store
Title	New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft's Official Store - Check Point Research
Detected Hints/Tags/Attributes	58/3/29

Source URLs

	Redirection	Url
Details	Source	https://research.checkpoint.com/2022/new-malware-capable-of-controlling-social-media-accounts-infects-5000-machines-and-is-actively-being-distributed-via-gaming-applications-on-microsofts-official-store/

URL Provider

Details	Provider	Source level domain
Details	checkpoint.com	research.checkpoint.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	electron-bot.s3.eu-central-1.amazonaws.com
Details	Domain	1	s3.eu-west-1.amazonaws.com
Details	Domain	26	mediafire.com
Details	Domain	67	microsoft.windows
Details	Domain	2	11k.online
Details	Domain	2	bot.s3.eu-central-1.amazonaws.com
Details	Domain	1	shopsusa.prom.ua
Details	Domain	1	cdn.lupygames.com
Details	Domain	1	crazy4games-flash.s3.eu-west-1.amazonaws.com
Details	Domain	1	ytmp3.dog
Details	File	678	node.js
Details	File	26	app.exe
Details	File	74	main.js
Details	File	1	templeendlessrunner2.json
Details	File	1	112942.png
Details	File	175	update.exe
Details	File	1	windowsdef.js
Details	File	1	textfileprom.json
Details	md5	1	f2a97841d58aa9050b2275302be6aa78
Details	md5	1	240e9adca3695da4ba177c0238141881
Details	md5	1	33145894a81fd3f6fde4f528630b1f7a
Details	md5	1	8720d6cefd71ef30c3fe66965fea841a
Details	md5	1	0a919ab3c63608e00290c9d4d4eb3a01
Details	md5	1	07ebca17e1083461fbbe3376fe5ec1ed
Details	md5	1	ec2c0a9be3ff2a922c02c9e1380eeabd
Details	md5	1	52c4990d30a8a7b560c57e775895ccad
Details	Url	1	https://s3.eu-west-1.amazonaws.com/jeuxjeuxjeux.files/json-obj-el12/templeendlessrunner2.json
Details	Url	1	https://mediafire.com
Details	Url	1	http://11k.online/ad/javascripts/windowsdef.js