Crypto stealing campaign spread via fake cracked software
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 9dfd7480-4e5f-460c-ad8f-61d150068564 |
| Fingerprint | a015e913203bebc6 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 6, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 6:53 p.m. |
| Headline | List of available regions |
| Title | Crypto stealing campaign spread via fake cracked software |
| Detected Hints/Tags/Attributes | 40/2/40 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.avast.com/fakecrack-campaign |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | freefilesxx.xyz |
|
| Details | Domain | 2 | filesend.jp |
|
| Details | Domain | 26 | mediafire.com |
|
| Details | Domain | 2 | goes12by.cfd |
|
| Details | Domain | 2 | baed92all.cfd |
|
| Details | Domain | 2 | aeddkiu6745q.cfd |
|
| Details | Domain | 2 | 14redirect.cfd |
|
| Details | Domain | 2 | lixn62ft.cfd |
|
| Details | Domain | 2 | kohuy31ng.cfd |
|
| Details | Domain | 2 | wae23iku.cfd |
|
| Details | Domain | 2 | yhf78aq.cfd |
|
| Details | Domain | 2 | xzctn14il.cfd |
|
| Details | Domain | 2 | mihatrt34er.cfd |
|
| Details | Domain | 2 | oliy67sd.cfd |
|
| Details | Domain | 2 | er67ilky.cfd |
|
| Details | Domain | 2 | bny734uy.cfd |
|
| Details | Domain | 2 | uzas871iu.cfd |
|
| Details | Domain | 2 | dert1mku.cfd |
|
| Details | Domain | 2 | fr56cvfi.cfd |
|
| Details | Domain | 2 | asud28cv.cfd |
|
| Details | Domain | 2 | freefiles34.xyz |
|
| Details | Domain | 2 | freefiles33.xyz |
|
| Details | Domain | 2 | wrtgh56mh.cfd |
|
| Details | File | 208 | setup.exe |
|
| Details | File | 1 | cracksetup.exe |
|
| Details | sha256 | 2 | bcb1c06505c8df8cf508e834be72a8b6adf67668fcf7076cd058b37cf7fc8aaf |
|
| Details | sha256 | 2 | c283a387af09f56ba55d92a796edcfa60678e853b384f755313bc6f5086be4ee |
|
| Details | sha256 | 2 | ac47ed991025f58745a3ca217b2091e0a54cf2a99ddb0c98988ec7e5de8eac6a |
|
| Details | sha256 | 2 | 5423be642e040cfa202fc326027d878003128bff5dfdf4da6c23db00b5942055 |
|
| Details | sha256 | 2 | 9254436f13cac035d797211f59754951b07297cf1f32121656b775124547dbe7 |
|
| Details | sha256 | 3 | 9d66a6a6823aea1b923f0c200dfecb1ae70839d955e11a3f85184b8e0b16c6f8 |
|
| Details | sha256 | 2 | 97f1ae6502d0671f5ec9e28e41cba9e9beeffcc381aae299f45ec3fcc77cdd56 |
|
| Details | sha256 | 2 | e5286671048b1ef44a4665c091ad6a9d1f77d6982cf4550b3d2d3a9ef1e24bc7 |
|
| Details | IPv4 | 4 | 185.250.148.76 |
|
| Details | IPv4 | 4 | 45.135.134.211 |
|
| Details | IPv4 | 5 | 194.180.174.180 |
|
| Details | IPv4 | 4 | 45.140.146.169 |
|
| Details | IPv4 | 4 | 37.221.67.219 |
|
| Details | IPv4 | 4 | 94.140.114.231 |
|
| Details | Windows Registry Key | 31 | HKCU\Software\Microsoft\Windows\CurrentVersion\Internet |