Peering into Dyre's Traffic
Tags
Common Information
| Type | Value |
|---|---|
| UUID | aa3e85fe-2f42-4efe-bd04-67840c739d1a |
| Fingerprint | a701d51824a3e4d1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 5, 2015, 4:36 p.m. |
| Added to db | Aug. 30, 2024, 11:13 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | BAE Systems Threat Research Blog |
| Title | Peering into Dyre's Traffic |
| Detected Hints/Tags/Attributes | 56/2/24 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 3 | ✔ | BAE Systems Threat Research Blog | http://baesystemsai.blogspot.com/feeds/posts/default | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | cashproonline.bankofamerica.com |
|
| Details | Domain | 1 | alpwymwnetpcbilokvkkvo12081.com |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 1260 | explorer.exe |
|
| Details | File | 263 | iexplore.exe |
|
| Details | File | 17 | redirect.php |
|
| Details | File | 6 | vncdll.dll |
|
| Details | md5 | 1 | b7db8e9943ab39a60d8470fe2f859164 |
|
| Details | md5 | 1 | 18875F835C6EE27D8FD0EE9B05225DD7 |
|
| Details | md5 | 1 | 3F30949AD42522B2140387EBD65001CF |
|
| Details | IPv4 | 1 | 212.37.81.96 |
|
| Details | IPv4 | 619 | 0.0.0.0 |
|
| Details | IPv4 | 1 | 208.123.135.106 |
|
| Details | IPv4 | 1 | 195.154.106.76 |
|
| Details | IPv4 | 1 | 195.154.105.117 |
|
| Details | IPv4 | 1 | 5.154.190.253 |
|
| Details | IPv4 | 1 | 217.12.202.99 |
|
| Details | IPv4 | 1 | 212.129.36.69 |
|
| Details | IPv4 | 1 | 46.165.245.223 |
|
| Details | IPv4 | 1 | 46.165.223.143 |
|
| Details | IPv4 | 1 | 193.111.140.185 |
|
| Details | IPv4 | 1 | 62.210.239.243 |
|
| Details | IPv4 | 1 | 62.210.108.155 |
|
| Details | Pdb | 1 | f:\cppgit\mose\release\vnchelper.pdb |