Mallox Ransomware Being Distributed in Korea - ASEC BLOG
Common Information
Type Value
UUID b080799b-9798-4aab-81d1-6ce4f9b84e94
Fingerprint 8601aa770cba83f5
Analysis status DONE
Considered CTI value 2
Text language
Published March 9, 2023, 2:45 p.m.
Added to db March 9, 2023, 7:27 a.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Mallox Ransomware Being Distributed in Korea
Title Mallox Ransomware Being Distributed in Korea - ASEC BLOG
Detected Hints/Tags/Attributes 30/2/38
Source URLs
RSS Feed
Attributes
Details Type #Events CTI Value
Details Domain 285
microsoft.net
Details Domain 397
asp.net
Details File 2
a-vxnwcwh.dat
Details File 2
a-ubxdzddvl.png
Details File 1209
powershell.exe
Details File 409
c:\windows\system32\cmd.exe
Details File 62
sqlbrowser.exe
Details File 66
sqlwriter.exe
Details File 119
sqlservr.exe
Details File 10
msmdsrv.exe
Details File 10
msdtssrvr.exe
Details File 12
sqlceip.exe
Details File 18
fdlauncher.exe
Details File 8
ssms.exe
Details File 58
sqlagent.exe
Details File 20
fdhost.exe
Details File 7
reportingservicesservice.exe
Details File 46
msftesql.exe
Details File 9
pg_ctl.exe
Details File 14
postgres.exe
Details File 196
desktop.ini
Details File 193
ntuser.dat
Details File 143
thumbs.db
Details File 101
iconcache.db
Details File 66
ntuser.ini
Details File 90
bootfont.bin
Details File 100
ntuser.dat.log
Details File 120
boot.ini
Details File 243
autorun.inf
Details File 6
debuglog.txt
Details File 5
targetinfo.txt
Details md5 2
0646ae6d3584f81c257485ade2624e71
Details md5 2
efe4fffe822e92cf222c31178b95e112
Details md5 2
b48fe2132ce656be3754560ea9ce8e4e
Details md5 2
0c7c3ea4c20de5d632be7beddd01c1ba
Details IPv4 7
80.66.75.36
Details Url 2
http://80.66.75.36/a-vxnwcwh.dat
Details Url 2
http://80.66.75.36/a-ubxdzddvl.png