FakeBat Impersonates Midjourney, ChatGPT in Drive-by Cyberattacks
Tags
cmtmf-attack-pattern: Masquerading
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Models Artificial Intelligence - T1588.007 Code Signing - T1553.002 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Tool - T1588.002 Vulnerabilities - T1588.006 Brute Force - T1110 Code Signing - T1116 Masquerading - T1036 Powershell - T1086 Masquerading
Show in Graph
Common Information
Type Value
UUID af0ffd55-15d9-4282-b190-f34bcbeb1d97
Fingerprint 5e13ad9be9f0fc4
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 27, 2023, midnight
Added to db Oct. 24, 2023, 1:21 p.m.
Last updated Oct. 15, 2024, 9:53 p.m.
Headline FakeBat Impersonates Midjourney, ChatGPT in Drive-by Cyberattacks
Title FakeBat Impersonates Midjourney, ChatGPT in Drive-by Cyberattacks
Detected Hints/Tags/Attributes 70/4/27
Source URLs
Redirection Url
Details Redirection https://www.esentire.com/blog/batloader-impersonates-midjourney-chatgpt-in-drive-by-cyberattacks
Details Source https://www.esentire.com/blog/fakebat-impersonates-midjourney-chatgpt-in-drive-by-cyberattacks
URL Provider
Details Provider Source level domain
Details esentire.com www.esentire.com
Attributes
Details Type #Events CTI Value
Details Domain 5 
chatgpt-t.com
Details Domain 2 
pcmartusa.com
Details Domain 2 
advert-job.ru
Details Domain 2 
job-lionserver.site
Details Domain 2 
adv-pardorudy.ru
Details Domain 33 
chat.openai.com
Details Domain 2 
jokeadvert.ru
Details File 1 
chat-gpt-x64.msi
Details File 5 
chatgpt.exe
Details File 4 
chat.ps1
Details File 3 
aistubx64.exe
Details File 4 
start.php
Details File 33 
install.php
Details File 4 
midjourney-x64.msi
Details File 3 
chat-ready.ps1
Details File 3 
midjourney.exe
Details md5 2 
86a9728fd66d70f0ce8ef945726c2b77
Details md5 1 
7716F2344BCEBD4B040077FC00FDB543
Details md5 2 
cfe067ccaa39fb203af404e1d42cb739
Details md5 2 
33ee0bb76f93a82bbab5fd4b2a903291
Details md5 2 
906f7ddf43b924f399518b1a0f23ed4f
Details md5 1 
C29215DDCD02477252E96E4CB33BD29D
Details md5 1 
50BE501494F981065825F44DDDF693F3
Details IPv4 2 
185.161.248.81
Details Url 2 
https://pcmartusa.com/gpt
Details Url 10 
https://chat.openai.com
Details Url 1 
https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.