Dissecting the Chrome Extension Facebook malware
Tags
attack-pattern: Cloud Services - T1021.007 Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID a9e29618-d266-45e1-bd10-01757d3bb99e
Fingerprint 3c018800088712e2
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 31, 2017, 11 a.m.
Added to db Feb. 17, 2023, 11:20 p.m.
Last updated Nov. 17, 2024, 12:58 p.m.
Headline Dissecting the Chrome Extension Facebook malware
Title Dissecting the Chrome Extension Facebook malware
Detected Hints/Tags/Attributes 36/1/15
Source URLs
Redirection Url
Details Source https://securelist.com/dissecting-the-chrome-extension-facebook-malware/81716/
URL Provider
Details Provider Source level domain
Details securelist.com securelist.com
Attributes
Details Type #Events CTI Value
Details Domain 112 
docs.google.com
Details Domain 330 
facebook.com
Details File 40 
background.js
Details File 86 
manifest.json
Details File 207 
login.php
Details File 4 
adobeflashplayerinstaller.dmg
Details File 3 
flashplayer.dmg
Details File 2 
mplay.dmg
Details File 2 
videoplayersetup_2368681540.exe
Details File 2 
videoplayersetup_3106177604.exe
Details md5 2 
d8bf71b7b524077d2469d9a2524d6d79
Details md5 2 
cfc58f532b16395e873840b03f173733
Details md5 2 
05163f148a01eb28f252de9ce1bd6978
Details md5 2 
93df484b00f1a81aeb9ccfdcf2dce481
Details md5 2 
de4f41ede202f85c370476b731fb36eb