ioc[.]one - OSINT Cyber Threat Intelligence Database

Shakti Trojan: Document Thief | Malwarebytes Labs

Tags

country:	India
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Whois - T1596.002

Show in Graph

Common Information

Type	Value
UUID	b0521bb1-96fc-4a35-856d-1d847c565ff8
Fingerprint	7f4115cf292f06d0
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 15, 2016, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Oct. 24, 2024, 8:01 a.m.
Headline	Shakti Trojan: Document Thief
Title	Shakti Trojan: Document Thief \| Malwarebytes Labs
Detected Hints/Tags/Attributes	40/2/22

Source URLs

	Redirection	Url
Details	Source	https://blog.malwarebytes.com/threat-analysis/2016/08/shakti-trojan-stealing-documents/

URL Provider

Details	Provider	Source level domain
Details	malwarebytes.com	blog.malwarebytes.com

Attributes

Details	Type	#Events	Value
Details	Domain	2	web4solution.net
Details	Domain	2	securedesignus.com
Details	Domain	2	securedesignuk.com
Details	Domain	2	www.enom.com
Details	Domain	1	domainbigdata.com
Details	Domain	1	netearthone.comsecuredesignus.com
Details	Domain	14	who.is
Details	File	2	carrier.dll
Details	File	23	payload.dll
Details	File	199	firefox.exe
Details	File	1	web4solution-net.html
Details	md5	2	b1380af637b4011e674644e0a1a53a64
Details	md5	2	bc05977b3f543ac1388c821274cbd22e
Details	md5	2	7d0ebb99055e931e03f7981843fdb540
Details	md5	2	8ea35293cbb0712a520c7b89059d5a2a
Details	md5	2	6992370821f8fbeea4a96f7be8015967
Details	md5	2	d9181d69c40fc95d7d27448f5ece1878
Details	Pdb	1	e:\projects\complexstatement\shakti\code\carrier\release\carrier.pdb
Details	Pdb	1	e:\projects\complexstatement\shakti\code\payload\release\payload.pdb
Details	Url	1	http://www.enom.com/whois/web4solution-net.html
Details	Url	1	http://domainbigdata.com/name/ashraf
Details	Url	1	https://who.is/whois/securedesignus.com