A Zebrocy Go Downloader
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 9607d1ea-597d-4827-a202-98c3494ba7ca |
| Fingerprint | 3c06d48a59c1c711 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 11, 2019, 10 a.m. |
| Added to db | Feb. 17, 2023, 10:40 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | A Zebrocy Go Downloader |
| Title | A Zebrocy Go Downloader |
| Detected Hints/Tags/Attributes | 101/3/24 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://securelist.com/a-zebrocy-go-downloader/89419/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | weekpost.org |
|
| Details | Domain | 1 | qhoster.com |
|
| Details | Domain | 1 | afterburst.com |
|
| Details | File | 1 | 30-144.arj |
|
| Details | File | 1 | 30-144.exe |
|
| Details | File | 323 | winword.exe |
|
| Details | File | 3 | online-service-description.php |
|
| Details | File | 2 | w32srv.exe |
|
| Details | File | 165 | reg.exe |
|
| Details | File | 1 | c:\programdata\protection\active\armpro.exe |
|
| Details | File | 1 | getidpolapl.php |
|
| Details | File | 1 | 259.docx |
|
| Details | md5 | 1 | 333d2b9e99b36fb42f9e79a2833fad9c |
|
| Details | md5 | 1 | 3c58ed6913593671666283cb7315dec3 |
|
| Details | md5 | 1 | 2f83acae57f040ac486eca5890649381 |
|
| Details | sha256 | 2 | fcf03bf5ef4babce577dd13483391344e957fd2c855624c9f0573880b8cba62e |
|
| Details | sha256 | 1 | 96c3700ad639faa85982047e05fbd71c3dfd502b09f9860685498124e7dbaa46 |
|
| Details | sha256 | 1 | f9e96b2a453ff8922b1e858ca2d74156cb7ba5e04b3e936b77254619e6afa4e8 |
|
| Details | IPv4 | 3 | 89.37.226.148 |
|
| Details | IPv4 | 1 | 80.255.12.252 |
|
| Details | IPv4 | 1 | 46.183.218.34 |
|
| Details | IPv4 | 1 | 185.77.131.110 |
|
| Details | IPv4 | 1 | 92.114.92.128 |
|
| Details | Windows Registry Key | 188 | HKCU\Software\Microsoft\Windows\CurrentVersion\Run |