Config Extractor per DanaBot (PARTE 1) – Malverse
Common Information
Type Value
UUID a0d3ce14-df78-42be-9184-cf00f97b75ec
Fingerprint 2dfd5d007f15228d
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 7, 2022, midnight
Added to db Sept. 26, 2022, 9:33 a.m.
Last updated Nov. 17, 2024, 6:30 p.m.
Headline Malverse
Title Config Extractor per DanaBot (PARTE 1) – Malverse
Detected Hints/Tags/Attributes 25/2/32
Attributes
Details Type #Events CTI Value
Details Domain 75
tria.ge
Details Domain 2
sample.read
Details Domain 48
pefile.pe
Details Domain 162
bleepingcomputer.com
Details File 13
pe.opt
Details File 1
yvndixkm.txt
Details Url 1
https://tria.ge/220730-18sgmaafg4
Details Url 1
https://tria.ge/220731-np187sfcej
Details Url 1
https://tria.ge/220731-lj42ssaac3