Dissecting the Chrome Extension Facebook malware - Detectify Labs
Tags
attack-pattern: Data Chat Messages - T1552.008 Cloud Services - T1021.007 Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID addfe5bf-e2e6-4ef3-b998-d39dc5246cb3
Fingerprint 3c018810082712e2
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 31, 2017, 11 a.m.
Added to db Jan. 18, 2023, 9:56 p.m.
Last updated Nov. 17, 2024, 12:58 p.m.
Headline Dissecting the Chrome Extension Facebook malware
Title Dissecting the Chrome Extension Facebook malware - Detectify Labs
Detected Hints/Tags/Attributes 44/1/16
Source URLs
Redirection Url
Details Source https://labs.detectify.com/2017/08/31/dissecting-the-chrome-extension-facebook-malware/
URL Provider
Details Provider Source level domain
Details detectify.com labs.detectify.com
Attributes
Details Type #Events CTI Value
Details Domain 112 
docs.google.com
Details Domain 330 
facebook.com
Details File 40 
background.js
Details File 86 
manifest.json
Details File 207 
login.php
Details File 4 
adobeflashplayerinstaller.dmg
Details File 3 
flashplayer.dmg
Details File 2 
mplay.dmg
Details File 2 
videoplayersetup_2368681540.exe
Details File 2 
videoplayersetup_3106177604.exe
Details File 364 
console.log
Details md5 2 
d8bf71b7b524077d2469d9a2524d6d79
Details md5 2 
cfc58f532b16395e873840b03f173733
Details md5 2 
05163f148a01eb28f252de9ce1bd6978
Details md5 2 
93df484b00f1a81aeb9ccfdcf2dce481
Details md5 2 
de4f41ede202f85c370476b731fb36eb