ioc[.]one - OSINT Cyber Threat Intelligence Database

Plurox: Modular backdoor

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	b46b0d50-c862-43aa-b690-43490c660ae5
Fingerprint	a42a111a8c73bdd2
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 18, 2019, 10 a.m.
Added to db	Sept. 11, 2022, 12:34 p.m.
Last updated	Oct. 16, 2024, 2:41 a.m.
Headline	Plurox: Modular backdoor
Title	Plurox: Modular backdoor
Detected Hints/Tags/Attributes	43/2/27

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/plurox-modular-backdoor/91213/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	obuhov2k.beget.tech
Details	Domain	1	webdynamicname.com
Details	Domain	1	tradingbot.zip
Details	File	10	win32.pl
Details	File	1	tradingbot.zip
Details	md5	1	59523DD8F5CE128B68EA44ED2EDD5FCA
Details	md5	1	C4A74D79030336A0C3CF60DE2CFAE9E9
Details	md5	1	CECFD6BCFDD56B5CC1C129740EA2C524
Details	md5	1	BE591AA0E48E496B781004D0E833E261
Details	md5	1	f233dd609821c896a4cb342cf0afe7b2
Details	md5	1	2e55ae88c67b1d871049af022cc22aac
Details	md5	1	b2d76d715a81862db84f216112fb6930
Details	md5	1	a24fd434ffc7d3157272189753118fbf
Details	md5	1	117f978f07a658bce0b5751617e9d465
Details	md5	1	768857d6792ee7be1e1c5b60636501e5
Details	md5	1	e8aed94c43c8c6f8218e0f2e9b57f083
Details	md5	1	8cf5c72217c1bb48902da2c83c9ccd4e
Details	md5	1	b2824d2007c5a1077856ae6d8192f523
Details	md5	1	6915dd5186c65891503f90e91d8716c6
Details	md5	1	cd68adc0fbd78117521b7995570333b2
Details	IPv4	1	192.168.10.165
Details	IPv4	2	178.21.11.90
Details	IPv4	2	185.146.157.143
Details	IPv4	2	37.140.199.65
Details	IPv4	2	194.58.92.63
Details	IPv4	1	37.46.131.250
Details	IPv4	1	188.93.210.42