ioc[.]one - OSINT Cyber Threat Intelligence Database

Just Because It’s Old Doesn’t Mean You Throw It Away (Including Malware!) | FortiGuard Labs

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Rundll32 - T1218.011 Tool - T1588.002 Rundll32 - T1085

Show in Graph

Common Information

Type	Value
UUID	b2c840a1-7bf2-42ba-8b3d-a9e8c207c703
Fingerprint	bed68c51e102d712
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 1, 2023, 10:30 a.m.
Added to db	March 1, 2023, 10:22 p.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	Just Because It’s Old Doesn’t Mean You Throw It Away (Including Malware!)
Title	Just Because It’s Old Doesn’t Mean You Throw It Away (Including Malware!) \| FortiGuard Labs
Detected Hints/Tags/Attributes	42/2/124

Source URLs

	Redirection	Url
Details	Redirection	https://feeds.fortinet.com/~/729416075/0/fortinet/blog/threat-research~Just-Because-It%E2%80%99s-Old-Doesn%E2%80%99t-Mean-You-Throw-It-Away-Including-Malware
Details	Source	https://www.fortinet.com/blog/threat-research/just-because-its-old-doesnt-mean-you-throw-it-away-including-malware

URL Provider

Details	Provider	Source level domain
Details	fortinet.com	www.fortinet.com
Details	fortinet.com	feeds.fortinet.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	117	✔	Fortinet All Blogs	https://feeds.feedburner.com/fortinet/blogs	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	19	document.zip
Details	Domain	2	transcript.zip
Details	Domain	3	letter.zip
Details	Domain	10	attachment.zip
Details	Domain	6	message.zip
Details	Domain	1	golfasian.com
Details	Domain	1	mail.zip
Details	Domain	1	7686f6a96.com
Details	Domain	19	file.zip
Details	Domain	622	en.wikipedia.org
Details	Email	1	john2@golfasian.com
Details	Email	1	tracy@golfasian.com
Details	File	16	document.zip
Details	File	2	transcript.zip
Details	File	3	letter.zip
Details	File	9	attachment.zip
Details	File	6	message.zip
Details	File	1	mail.zip
Details	File	18	file.zip
Details	File	1018	rundll32.exe
Details	File	478	lsass.exe
Details	File	1	atpysig.exe
Details	File	3	attachment.doc
Details	File	35	document.doc
Details	File	4	file.htm
Details	File	3	letter.exe
Details	File	1	mail.html
Details	File	2	message.bat
Details	File	1	transcript.htm
Details	File	1	transcript.txt
Details	sha256	1	5a6c1929f55baff2e786336c07f02c5d13194ff765073dcdfcae1b0cb53da5bc
Details	sha256	1	1b1e2421dc3d96a8b9dd58d9cc74730c966250df7c33a1e0df50d983e674b7bc
Details	sha256	1	6223e126a65ba888182d3369adacc7268bd78555f0426653f5b5dd963d4c31a4
Details	sha256	1	ad37758c362a38a8718837ece40ed5699e40de11ed58a586c2a6a6d8bb5251bf
Details	sha256	1	9fc0179c7407476ced89b6124fa52f10d178f3a07e3d50c860b1ced98fb77541
Details	sha256	1	1302161ca791b3fc01188582a075bbfcfeb5f28715ad527be0fe625ec452b1eb
Details	sha256	1	31fd079696a071a48fd4a66588adb22e36dd96028792fb416bcee0f099d6e5cb
Details	sha256	1	5e99396cf134fea102470525d5105afb697b9131d891990e2dc8c9e5e34f8165
Details	sha256	1	009ac15d56c3a5149f10c833b5cc191eede4d33485cab7bc3dd94675a462608c
Details	sha256	1	9fcf4b0e00d20060274861b41b2c13b68dfedbd2ac0012436b13960b2a570d4f
Details	sha256	1	34d9e11e71fe18f9eb290461714826e1069a129d44db25c6c4fe581f883cbc07
Details	sha256	1	6155f0562adfaa75cf46f674cf094d3f23c27b38c8009b6982f48ca4e77c95b1
Details	sha256	1	92018aff6737899f94aed2461b6e4182383b6677be2e8d4f82098265d74fb913
Details	sha256	1	eba7ec36cb9cc3c3677f5325ee9f755fefe885235849aede61a0b130a9f6255b
Details	sha256	1	d438e3ec7bd0fa4b231a6a1704d89f117d3b6b6ba342915b4d095027d0fe4c90
Details	sha256	1	a966f61a86dae4737f99d5b7668b0fcab3124125d2030faa08855ae12c9525ee
Details	sha256	1	48c70041def3bf288f7f85ee96eb59a2f7d965963a66e0c86fb3c88b3e079386
Details	sha256	1	2ddc70753893167b7b5d15c1e3cf6f22b6d8a0ee8a4aaea93c40655608f6fc75
Details	sha256	1	20b372391f4d0fd9e4f69fc950456b557fab27f7bbbdeede36cff404e35614aa
Details	sha256	1	7b596caceaf2e8a139c01eaf67e5e52ff3247ca6d20112ea9ce59a02a1a5bb7d
Details	sha256	1	2744c29d98a144fabda0ac75264235cd82b798f3bd5a56fab2ad28ec218b94c8
Details	sha256	1	eb5bfbb3be5300c1231a8ece93d239b7a02a4f308d7efe85d604f06d3aca57ad
Details	sha256	1	8d4dcf463e7a69cd1b3039779d9d36c8a4669444b30d3261f876b7720bdb6752
Details	sha256	1	5cb5efc8e0be0bf32eb73fbdaebedacf70cba946f5dfaea7166dcd0f4ca5989f
Details	sha256	1	c12e27b30706dd1d11e5822285e209a187724148a682d178f1e2bc3f8d670ea7
Details	sha256	1	6bbcc015c5a72b03601f8087c57024a7e74975dfb567b867c3404958e4239c9c
Details	sha256	1	d599d4343fe3d831bcad8ea7305f050608a182f99636ea9e87c9400d19fae043
Details	sha256	1	f5dc449255319cebd38ce255060a8019e0f5697de8ac31353c7d067d9e1218e6
Details	sha256	1	11a86a2388c501773b52ae79ee1f7504caca6c25d835d40b8afc9ebe29c7a26d
Details	sha256	1	942ef9da07de7d70c2efcfc20e375e6919a521d44ddabf9369042aea1553f712
Details	sha256	1	10502c24bb63af929da22ec306f44f9e557b4e3bbf588afd1a7f190aa9840938
Details	sha256	1	21ee754775ca9f76b2d18d0b87722ffa0c9ab0f676e4aa6ac4881dff580087ac
Details	sha256	1	505b177a6c24c69a9fda1e78db7421fad4893d7c07e3cea91897decfbc4510be
Details	sha256	1	ad29b1c0423a878758a444ad6bf38aa2ad276a98f0ca552b475d890db631f48b
Details	sha256	1	113db96ddc72fb3300e981c7691cd202d3d0a5b097e84cd41eee6a54d868bf31
Details	sha256	1	3df99ae8f2083419fd030c42ca6729b6e5319df6aca1204d7081ce6ea91c69da
Details	sha256	1	04123ec908c4a60282fa35fed76a377b22a49b6f9bfaf5a81121fd7204b4b83d
Details	sha256	1	4864f84ea0f6939751310a2cca43e71a57171f37679cb7853d29a083b1617a09
Details	sha256	1	35bb66f1cc9e820ef50c22d0abb0f5f7ba8724bebb4a5a795e68790943742928
Details	sha256	1	9bf413a9d9b3b17767f0a93450f834947475765b2fd1ecccaa943f8ce9d58082
Details	sha256	1	9a2f837a8adb16632ce4ec3c8b02037a4e96e66e6737ef1169afb2e48e46aa6a
Details	sha256	1	bfaf49a691792a29024a75119a9841caacefb306494ca011a42b46c12ca65895
Details	sha256	1	59ad199d81590be7b83768227fe3a79b115f6c978b8715864ae0e22e5d324e36
Details	sha256	1	ecda9c446dd6aa0018cd5fc9c99ba846484f8d2a81d7f97167d89b890e4d5c1a
Details	sha256	1	e745cc1ae5a89a9f2b4b0eabbac342520703b03f68dafeb6d29194fe19e899e9
Details	sha256	1	1f442b9ff3c9225e3eaa9c74d16b3a74117bb66e1d372ca15b6154d386a93e57
Details	IPv4	1	15.244.197.9
Details	IPv4	1	141.240.203.6
Details	IPv4	1	16.115.197.163
Details	IPv4	1	67.120.102.206
Details	IPv4	1	220.234.104.158
Details	IPv4	1	166.77.123.68
Details	IPv4	1	198.89.160.22
Details	IPv4	1	15.98.11.12
Details	IPv4	1	67.121.94.10
Details	IPv4	1	15.24.69.27
Details	IPv4	1	129.204.109.121
Details	IPv4	1	70.241.87.215
Details	IPv4	1	16.80.195.68
Details	IPv4	1	15.9.79.129
Details	IPv4	1	15.14.59.199
Details	IPv4	1	216.114.194.30
Details	IPv4	1	15.228.15.126
Details	IPv4	1	16.100.121.101
Details	IPv4	1	15.63.9.76
Details	IPv4	1	65.6.113.38
Details	IPv4	1	141.240.211.237
Details	IPv4	1	16.83.199.36
Details	IPv4	1	66.248.57.65
Details	IPv4	1	15.59.127.133
Details	IPv4	1	16.150.138.126
Details	IPv4	1	141.154.253.115
Details	IPv4	1	66.43.244.133
Details	IPv4	1	68.158.45.83
Details	IPv4	1	152.16.43.135
Details	IPv4	1	129.81.101.242
Details	IPv4	1	16.102.137.19
Details	IPv4	1	16.102.153.27
Details	IPv4	1	67.171.253.156
Details	IPv4	1	15.75.188.252
Details	IPv4	1	216.128.188.41
Details	IPv4	1	16.126.107.216
Details	IPv4	1	16.125.202.53
Details	IPv4	1	162.28.185.188
Details	IPv4	1	195.75.252.98
Details	IPv4	1	68.223.45.7
Details	IPv4	1	24.148.141.102
Details	IPv4	1	141.240.190.28
Details	IPv4	1	129.243.132.29
Details	IPv4	1	148.193.135.228
Details	IPv4	1	24.190.210.189
Details	IPv4	1	12.166.196.8
Details	IPv4	1	15.228.161.161
Details	Url	1	https://en.wikipedia.org/wiki/upx