利用GuLoader加载器投递AgentTesla的钓鱼活动分析
Tags
Common Information
| Type | Value |
|---|---|
| UUID | bb75fc50-3a3a-47d5-9104-2cce82144616 |
| Fingerprint | 2b9e79054fb082f0 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 9, 2023, 7:18 a.m. |
| Added to db | June 1, 2023, 10:45 a.m. |
| Last updated | Sept. 29, 2024, 1:32 p.m. |
| Headline | 利用GuLoader加载器投递AgentTesla的钓鱼活动分析 |
| Title | 利用GuLoader加载器投递AgentTesla的钓鱼活动分析 |
| Detected Hints/Tags/Attributes | 8/0/16 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://mp.weixin.qq.com/s/rF4p-PHQrV33svltk44vOg |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | portal-test.xperiorlist.com |
|
| Details | Domain | 2 | emilie.businessup.be |
|
| Details | Domain | 20 | www.antiy.cn |
|
| Details | File | 1 | obcm2.vbs |
|
| Details | File | 4 | microsoft.vbs |
|
| Details | File | 2 | oseyggrugye738uhddwhudrwhjhd.php |
|
| Details | File | 2 | 20180507.html |
|
| Details | File | 1 | 20210812.html |
|
| Details | md5 | 2 | 0D6AE3ECEBF610F5718B7C43AE14239F |
|
| Details | md5 | 2 | DE7CFF093920A47ECAFFE6566E3BF66C |
|
| Details | md5 | 2 | 8A1C57092616A9BF581E4B89A280B0B9 |
|
| Details | Url | 2 | https://portal-test.xperiorlist.com/dcqxhdrdfyun76.toc |
|
| Details | Url | 1 | https://emilie.businessup.be/wp-includes/chn/oseyggrugye738uhddwhudrwhjhd.php |
|
| Details | Url | 2 | https://www.antiy.cn/research/notice&report/research_report/20180507.html |
|
| Details | Url | 1 | https://www.antiy.cn/research/notice&report/research_report/20210812.html |
|
| Details | Windows Registry Key | 1 | HKCU\Unroast\Coleoptile\Pederasts |