The curious case of a Sundown EK variant dropping a Cryptocurrency Miner (updated) | Malwarebytes Labs
Tags
Common Information
| Type | Value |
|---|---|
| UUID | b7b21797-0d83-4a44-b5a8-ebfc19a8130e |
| Fingerprint | b7211091246f0ea7 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 6, 2017, midnight |
| Added to db | Jan. 18, 2023, 8:34 p.m. |
| Last updated | Nov. 17, 2024, 11:36 p.m. |
| Headline | The curious case of a Sundown EK variant dropping a Cryptocurrency Miner (updated) |
| Title | The curious case of a Sundown EK variant dropping a Cryptocurrency Miner (updated) | Malwarebytes Labs |
| Detected Hints/Tags/Attributes | 39/1/48 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | pastetext.biz |
|
| Details | Domain | 179 | hotmail.com |
|
| Details | Domain | 1175 | gmail.com |
|
| Details | Domain | 1 | empowernetwork1.us |
|
| Details | Domain | 1 | empowernetwork2.us |
|
| Details | Domain | 1 | empowernetwork3.us |
|
| Details | Domain | 1 | empowernetwork4.us |
|
| Details | Domain | 1 | empowernetwork5.us |
|
| Details | Domain | 1 | empowernetwork6.us |
|
| Details | Domain | 1 | empowernetwork7.us |
|
| Details | Domain | 1 | empowernetwork8.us |
|
| Details | Domain | 1 | empowernetwork9.us |
|
| Details | Domain | 1 | empowernetwork1.biz |
|
| Details | Domain | 1 | empowernetwork2.biz |
|
| Details | Domain | 1 | empowernetwork3.biz |
|
| Details | Domain | 1 | empowernetwork4.biz |
|
| Details | Domain | 1 | website1.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website2.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website3.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website4.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website5.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website6.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website7.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website8.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website9.empowernetworkpackage.biz |
|
| Details | Domain | 1 | website1.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website2.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website3.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website4.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website5.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website6.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website7.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website8.empowernetworksolutions.biz |
|
| Details | Domain | 1 | website9.empowernetworksolutions.biz |
|
| Details | Domain | 1 | empirenetworksol.com |
|
| Details | Domain | 1 | kitempowernetwork.com |
|
| Details | Domain | 1 | empowernetworkpackage.com |
|
| Details | Domain | 1 | empowernetworksolutions.com |
|
| Details | Domain | 1 | empowernetworkads.com |
|
| Details | 1 | lovemonero2.worker@hotmail.com |
||
| Details | 1 | davidgreenwoodjazz@gmail.com |
||
| Details | File | 10 | msvcr120.dll |
|
| Details | md5 | 1 | 0f597c738f2e1a58c03a69f66825fa80 |
|
| Details | md5 | 1 | 22e4113fb0a9d136a56988f7a10c46b8 |
|
| Details | md5 | 1 | 9f2c0ae3cb7ae032bd66f025fcb93f03 |
|
| Details | IPv4 | 2 | 149.202.164.86 |
|
| Details | IPv4 | 1 | 158.69.87.196 |
|
| Details | IPv4 | 1 | 158.69.86.203 |