ioc[.]one - OSINT Cyber Threat Intelligence Database

Virus Bulletin :: URLZone reloaded: new evolution

Tags

country:	Russia
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Hooking - T1179 Hooking

Show in Graph

Common Information

Type	Value
UUID	ae4f08d7-b0e5-47b8-a5f4-9f7fbce6a452
Fingerprint	7c1dd871ac3004d3
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 1, 2012, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	URLZone reloaded: new evolution
Title	Virus Bulletin :: URLZone reloaded: new evolution
Detected Hints/Tags/Attributes	68/2/43

Source URLs

	Redirection	Url
Details	Source	https://www.virusbulletin.com/virusbulletin/2012/09/urlzone-reloaded-new-evolution/

URL Provider

Details	Provider	Source level domain
Details	virusbulletin.com	www.virusbulletin.com

Attributes

Details	Type	#Events	Value
Details	Domain	2	us.at
Details	Domain	2	finanzportal.fiducia.de
Details	Domain	201	msdn.microsoft.com
Details	File	10	%programfiles%\internet explorer\iexplore.exe
Details	File	1260	explorer.exe
Details	File	119	smss.exe
Details	File	165	csrss.exe
Details	File	3	update2.exe
Details	File	2	c:\test\ppp.exe
Details	File	1122	svchost.exe
Details	File	212	winlogon.exe
Details	File	9	c:\windows\system32\userinit.exe
Details	File	50	userinit.exe
Details	File	2	defr.exe
Details	File	2	icon.exe
Details	File	58	thebat.exe
Details	File	15	msimn.exe
Details	File	263	iexplore.exe
Details	File	3	myie.exe
Details	File	199	firefox.exe
Details	File	8	mozilla.exe
Details	File	6	avant.exe
Details	File	9	maxthon.exe
Details	File	173	outlook.exe
Details	File	2	ftpte.exe
Details	File	3	coreftp.exe
Details	File	10	filezilla.exe
Details	File	6	totalcmd.exe
Details	File	2	cftp.exe
Details	File	3	ftpvoyager.exe
Details	File	3	smartftp.exe
Details	File	16	winscp.exe
Details	File	146	wininet.dll
Details	File	31	wsock32.dll
Details	File	748	kernel32.dll
Details	File	25	nspr4.dll
Details	IPv4	7	192.168.1.13
Details	Url	1	http://www.tri***us.at/templates/mobiltemplate/images/icon.exe
Details	Url	1	http://msdn.microsoft.com/en-us/library/windows/desktop/aa366551(v=vs.85).aspx
Details	Url	1	http://msdn.microsoft.com/en-us/library/windows/desktop/ff485839(v=vs.85).aspx
Details	Windows Registry Key	3	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Details	Windows Registry Key	41	HKLM\System\CurrentControlSet\Control\Session
Details	Windows Registry Key	164	HKLM\SOFTWARE\Microsoft\Windows