Orion Threat Alert: Flight of the BumbleBee - Cynet
Tags
Common Information
| Type | Value |
|---|---|
| UUID | ab9b453e-f867-48ab-82c0-c3fcea4a33ae |
| Fingerprint | 24a728f94d345705 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 14, 2022, 9:27 p.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 10:40 p.m. |
| Headline | Orion Threat Alert: Flight of the BumbleBee |
| Title | Orion Threat Alert: Flight of the BumbleBee - Cynet |
| Detected Hints/Tags/Attributes | 79/2/34 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | hojimizeg.com |
|
| Details | Domain | 1 | notixow.com |
|
| Details | Domain | 1 | rewujisaf.com |
|
| Details | File | 1 | documents-04-106.iso |
|
| Details | File | 127 | c:\windows\system32\rundll32.exe |
|
| Details | File | 1 | settings.dll |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 3 | neqw.dll |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 14 | advpack.dll |
|
| Details | File | 2 | sysctl.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 376 | wscript.exe |
|
| Details | File | 142 | wmiprvse.exe |
|
| Details | File | 53 | adfind.exe |
|
| Details | File | 6 | ldraddx64.dll |
|
| Details | File | 3 | rapportgp.dll |
|
| Details | File | 1 | documents-17.iso |
|
| Details | File | 1 | invoice_pdf_1.iso |
|
| Details | sha256 | 1 | 88f5ae9691e6bcdd4065a420eafaf3e3aa32c69605bf564a42ffd8ecd25c9920 |
|
| Details | sha256 | 1 | 4a49e2f06ba48d3a88fdeb83fb8021f3d165535e8ea5319b16a7ebe4da9c0751 |
|
| Details | sha256 | 1 | 08cd6983f183ef65eabd073c01f137a913282504e2502ac34a1be3e599ac386b |
|
| Details | sha256 | 1 | 186145f84ed6a473ec6bc4afa66bff156057888938793b12afd17659041ddbba |
|
| Details | sha256 | 1 | 4063fab9176db3960fa6014173b6c7ba52f19424887f5a6205ff73aa447ada61 |
|
| Details | sha256 | 1 | 53b3ebaa3c485772f8e6abaa0f366ef192137496a7064e015ced4e6fc204b3c8 |
|
| Details | sha256 | 1 | d74a3f9b35d657516eb53d4e70582f93d22077d3e0936758cc4ef76d5171075d |
|
| Details | sha256 | 1 | 8f47c3962a7c418bae71fec42bbca9524b72f8f0fd2dd81d1175138f7d20b2f7 |
|
| Details | sha256 | 1 | c97b8bffcbe424cbc2a6e1135068d071c6f4e8f020fccd2db3dbee3aa80102ac |
|
| Details | IPv4 | 3 | 23.82.19.208 |
|
| Details | IPv4 | 3 | 192.236.198.63 |
|
| Details | IPv4 | 4 | 45.147.229.177 |
|
| Details | IPv4 | 2 | 45.147.228.197 |
|
| Details | IPv4 | 1 | 23.19.58.154 |
|
| Details | IPv4 | 1 | 142.234.157.176 |