Python-Based NodeStealer Version Targets Facebook Ads Manager
Common Information
Type | Value |
---|---|
UUID | a73be4d7-657e-4d49-9182-aa07c59050bc |
Fingerprint | a4b41e999177afc3 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 19, 2024, midnight |
Added to db | Dec. 21, 2024, 4:02 a.m. |
Last updated | Dec. 25, 2024, 4:36 a.m. |
Headline | Python-Based NodeStealer Version Targets Facebook Ads Manager |
Title | Python-Based NodeStealer Version Targets Facebook Ads Manager |
Detected Hints/Tags/Attributes | 79/3/35 |
Source URLs
URL Provider
RSS Feed
Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|
119 | ✔ | Trend Micro Research, News and Perspectives | https://feeds.feedburner.com/TrendMicroSimplySecurity | 2024-08-30 22:08 |
Attributes