HookAds Continues to use RIG EK to Drop Dreambot
Tags
attack-pattern: Dns - T1071.004 Dns - T1590.002
Show in Graph
Common Information
Type Value
UUID b4a29b93-b9b4-47be-8659-c742fdcb0c90
Fingerprint ecb7617d663665f5
Analysis status DONE
Considered CTI value 2
Text language
Published July 18, 2017, 10:20 a.m.
Added to db Jan. 18, 2023, 9:59 p.m.
Last updated Nov. 16, 2024, 7:04 p.m.
Headline HookAds Continues to use RIG EK to Drop Dreambot
Title HookAds Continues to use RIG EK to Drop Dreambot
Detected Hints/Tags/Attributes 19/1/27
Source URLs
Redirection Url
Details Source https://malwarebreakdown.com/2017/07/18/hookads-continues-to-use-rig-ek-to-drop-dreambot/
URL Provider
Details Provider Source level domain
Details malwarebreakdown.com malwarebreakdown.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
milips.info
Details Domain 123 
ipinfo.io
Details Domain 4 
aeeeeeeeeeeeeeeeeeeeeeeeeeeeva.onion
Details Domain 35 
resolver1.opendns.com
Details Domain 20 
222.222.67.208.in-addr.arpa
Details Domain 35 
myip.opendns.com
Details File 8 
popunder.php
Details File 1 
milips.inf
Details File 1 
t3.css
Details File 2 
countryhits.txt
Details File 2 
lp.txt
Details File 52 
exploit.swf
Details File 23 
o32.tmp
Details File 1 
gltv7bjw.exe
Details sha256 1 
f4886efc9f50af4808c913b8a5b702b205000092757e2a08623010896212d274
Details sha256 1 
a7d0192841d8f92194a86c9c98ddddfd1283dbddffe9140ac501928950978ca8
Details sha256 1 
26e0d0a3ec16f874137bda37f2357bd914234ee8a6a62658ca4dfec1bb556f6b
Details sha256 1 
644b6905a1a1b35620c5dd44bfd30e039bbeaa54799853b4b93ee7ee51bbbe0e
Details sha256 1 
869067582081bdd8a6fe5c194bebe71cace185f69ce2992a17492641e5290f47
Details sha256 1 
e2db455c4840be8dcee0f2fe78e0cb309d898dc4ce9d50dff07c4a0a9575754b
Details sha256 2 
4384458b9c3f09af64f386552588ea9b35e4aa7438bbb515dadf4b4619e10820
Details IPv4 10 
80.77.82.41
Details IPv4 1 
188.225.87.170
Details IPv4 1 
142.91.104.107
Details IPv4 24 
216.239.34.21
Details IPv4 24 
222.222.67.208
Details Url 1 
http://milips.info/banners/countryhits