Rewterz Threat Alert – Malspam Campaign Dropping Loki Bot Malware - Rewterz
Tags
attack-pattern: | Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Denial Of Service |
Common Information
Type | Value |
---|---|
UUID | a1522a6c-7946-48e0-80a4-754b8475ecf5 |
Fingerprint | 86b507d17f508f4f |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | July 11, 2019, 3:55 p.m. |
Added to db | Dec. 19, 2024, 7:49 p.m. |
Last updated | Dec. 19, 2024, 7:50 p.m. |
Headline | Rewterz Threat Alert – Malspam Campaign Dropping Loki Bot Malware |
Title | Rewterz Threat Alert – Malspam Campaign Dropping Loki Bot Malware - Rewterz |
Detected Hints/Tags/Attributes | 21/1/14 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 3 | cve-2019-0052 |