ioc[.]one - OSINT Cyber Threat Intelligence Database

Virus Bulletin :: New Keylogger on the Block

Tags

country:	Bangladesh Djibouti Hungary India Indonesia Russia
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Control Panel - T1218.002 Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	9a6191bb-8d69-4cf4-a28b-52dce94ddfff
Fingerprint	fc1d0cd3ed3082e5
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 20, 2016, midnight
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	New Keylogger on the Block
Title	Virus Bulletin :: New Keylogger on the Block
Detected Hints/Tags/Attributes	71/2/24

Source URLs

	Redirection	Url
Details	Source	https://www.virusbulletin.com/virusbulletin/2016/07/new-keylogger-block/

URL Provider

Details	Provider	Source level domain
Details	virusbulletin.com	www.virusbulletin.com

Attributes

Details	Type	#Events	Value
Details	Domain	2	www.keybase.in
Details	Domain	12	keybase.io
Details	Domain	2	jobme.eu
Details	Domain	2	www.indofuels.com
Details	Domain	2	jobmen.eu
Details	Domain	2	th3l4b.blogspot.ie
Details	Domain	105	web.archive.org
Details	Domain	29	www.nirsoft.net
Details	File	20	www.key
Details	File	1	'enquiry_shipsrv_047pdf.gz
Details	File	1	keybase-loggerclipboardcredsstealer.html
Details	File	816	index.html
Details	sha1	2	2243661696ef0a519c6583ac1ab2e14088fe476f
Details	sha1	2	f73dc85a3506a11e4dbbeda5e4e69109bd9a2ffe
Details	sha1	2	6d6d2002f8841fa605fc51f749bacb6bd50b7678
Details	Url	2	http://www.keybase.in
Details	Url	2	http://www.indofuels.com
Details	Url	1	https://blogs.sophos.com/2016/04/20/sophoslabs-investigates-the-most-popular-microsoft-office-exploit-kits/.
Details	Url	1	http://th3l4b.blogspot.ie/2015/10/keybase-loggerclipboardcredsstealer.html
Details	Url	1	http://researchcenter.paloaltonetworks.com/2016/02/keybase-threat-grows-despite-public-takedown-a-picture-is-worth-a-thousand-words/.
Details	Url	1	https://blog.team-cymru.org/2016/02/keybase-malware-family-added-to-team-cymru-botnet-analysis-and-reporting-service-bars/.
Details	Url	1	https://web.archive.org/web/20150623002553/http://www.keybase.in/.
Details	Url	1	http://www.nirsoft.net/utils/index.html#password_utils
Details	Url	1	https://nakedsecurity.sophos.com/2016/02/29/the-hawkeye-attack-how-cybercrooks-target-small-businesses-for-big-money/.