Python-Based NodeStealer Version Targets Facebook Ads Manager
Common Information
Type Value
UUID a73be4d7-657e-4d49-9182-aa07c59050bc
Fingerprint a4b41e999177afc3
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 19, 2024, midnight
Added to db Dec. 21, 2024, 4:02 a.m.
Last updated Dec. 25, 2024, 4:36 a.m.
Headline Python-Based NodeStealer Version Targets Facebook Ads Manager
Title Python-Based NodeStealer Version Targets Facebook Ads Manager
Detected Hints/Tags/Attributes 79/3/35
RSS Feed
Id Enabled Feed title Url Added to db
119 Trend Micro Research, News and Perspectives https://feeds.feedburner.com/TrendMicroSimplySecurity 2024-08-30 22:08
Attributes