Emotet Being Distributed via OneNote - ASEC BLOG
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malware - T1587.001 Malware - T1588.001 Regsvr32 - T1218.010 Regsvr32 - T1117
Show in Graph
Common Information
Type Value
UUID ac046c4f-cb0d-4e5a-b78d-e446f1954c02
Fingerprint aaca9e7fcf168b1a
Analysis status DONE
Considered CTI value 2
Text language
Published March 28, 2023, 10:05 a.m.
Added to db March 28, 2023, 3:32 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Emotet Being Distributed via OneNote
Title Emotet Being Distributed via OneNote - ASEC BLOG
Detected Hints/Tags/Attributes 16/2/21
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/en/50564/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 17 ASEC https://asec.ahnlab.com/en/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 4 
www.garrett.kz
Details Domain 3 
sdspush.beget.tech
Details Domain 3 
www.agropuno.gob.pe
Details Domain 3 
sipo.ru
Details Domain 3 
meteo.camera
Details File 2 
output1.js
Details File 459 
regsvr32.exe
Details md5 2 
b1a10568aa1e4a47ad2aa35788edc0af
Details md5 2 
ad0358aa96105ca02607a7605f3a1e80
Details md5 2 
08d40c504500c324b683773b1c6189d9
Details md5 2 
89457cb5c8b296b5fb9a39218b485e1a
Details md5 2 
6c442d3235f3e60f7a9ea3efca0289ab
Details md5 2 
32ec97bbc9826ee88697362023ba68ed
Details md5 2 
c3d33ce14a48096e1cd5ce43fa4e307e
Details md5 2 
27f882a2b795abfae8f33440afcd3ad4
Details md5 2 
50150db8010ddc87150cb8445f45d270
Details Url 2 
http://www.garrett.kz/faq/ispvxbmuu3numa5wkdy
Details Url 2 
http://sdspush.beget.tech/connectors/gdsep6kcwtck20hvy
Details Url 2 
http://www.agropuno.gob.pe/wp-content/f9i32dweuqcbprt19mz7
Details Url 2 
http://sipo.ru/images/acyhhls8n0bxbg4bu
Details Url 2 
http://meteo.camera/11/vku