Tips for Investigating Cybercrime Infrastructure
Tags
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 Whois - T1596.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 98cbda3c-f66b-43c7-97f0-57f72f677bec |
| Fingerprint | 2f38e61dad311c87 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 4, 2023, 5:37 a.m. |
| Added to db | Aug. 31, 2024, 12:17 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | @BushidoToken Threat Intel |
| Title | Tips for Investigating Cybercrime Infrastructure |
| Detected Hints/Tags/Attributes | 31/1/23 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 24 | ✔ | @BushidoToken Threat Intel | https://blog.bushidotoken.net/feeds/posts/default?alt=rss | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | fudcrypter.io |
|
| Details | Domain | 1 | data-encoder.com |
|
| Details | Domain | 105 | web.archive.org |
|
| Details | Domain | 11 | search.censys.io |
|
| Details | Domain | 58 | www.shodan.io |
|
| Details | Domain | 65 | blog.cyble.com |
|
| Details | Domain | 154 | urlscan.io |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 268 | www.virustotal.com |
|
| Details | File | 18 | stub.exe |
|
| Details | IPv4 | 1 | 94.131.111.198 |
|
| Details | IPv4 | 1 | 91.109.178.9 |
|
| Details | Url | 1 | https://web.archive.org/web/20230228040437/https://fudcrypter.io |
|
| Details | Url | 1 | https://web.archive.org/web/20210517004154/https://data-encoder.com |
|
| Details | Url | 1 | https://search.censys.io/search?resource=hosts&sort=relevance&per_page=25&virtual_hosts=exclude&q=dns.names:fudcrypter.io |
|
| Details | Url | 1 | https://search.censys.io/hosts/94.131.111.198 |
|
| Details | Url | 1 | https://search.censys.io/hosts/94.131.111.198/data/json?resource=hosts&sort=relevance&per_page=25&virtual_hosts=exclude&q=dns.names:fudcrypter.io&at_time=2023-03-02t09:03:44.136z |
|
| Details | Url | 1 | https://www.shodan.io/search?query=desktop |
|
| Details | Url | 1 | https://blog.cyble.com/2023/01/18/aurora-a-stealer-using-shapeshifting-tactics |
|
| Details | Url | 1 | https://urlscan.io/result/e3de1fbb-d146-49fd-a78e-5471b73d86f4 |
|
| Details | Url | 1 | https://urlscan.io/result/b9fe896e-b3ba-4142-bc9c-50dd699484a3 |
|
| Details | Url | 1 | https://twitter.com/1zrr4h/status/1593377638504087553?s=20 |
|
| Details | Url | 1 | https://www.virustotal.com/gui/ip-address/91.109.178.9 |