ioc[.]one - OSINT Cyber Threat Intelligence Database

Analysis of new variant of Konni RAT

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Rundll32 - T1218.011 Software - T1592.002 Rundll32 - T1085

Show in Graph

Common Information

Type	Value
UUID	ab2f0667-3b77-46e2-b5f0-293233b39b24
Fingerprint	573038f225ad0787
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 8, 2017, 1:02 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 18, 2024, 11:13 p.m.
Headline	UNKNOWN
Title	Analysis of new variant of Konni RAT
Detected Hints/Tags/Attributes	23/2/13

Source URLs

	Redirection	Url
Details	Source	https://vallejo.cc/2017/07/08/analysis-of-new-variant-of-konni-rat/

URL Provider

Details	Provider	Source level domain
Details	vallejo.cc	vallejo.cc

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	3		member-daumchk.netai.net
Details	File	2		errorevent.dll
Details	File	1021		rundll32.exe
Details	File	1		c:\\users\\javi\\appdata\\local\\mfadata\\event\\errorevent.dll
Details	File	1		debug.tmp
Details	File	99		download.php
Details	md5	1		f4abe28f3c35fa75481ae056d8637574
Details	sha256	1		63a43fe8874fbbf3adb1b9aeb03adb6bfaa2935a40bb1893e90e3ab762dd44bd
Details	sha256	1		a12db66cb7b7b991ac2ba736fb48e04566ffd2defdcb08fb9a8ab3781253f73c
Details	sha256	2		290b1e2415f88fc3dd1d53db3ba90c4a760cf645526c8240af650751b1652b8a
Details	sha256	2		8aef427aba54581f9c3dc923d8464a92b2d4e83cdf0fd6ace00e8035ee2936ad
Details	Url	1		http://member-daumchk.netai.net/weget/download.php?file=cb5d234d_dropcom
Details	Windows Registry Key	582		HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run