Dec 2012 Dexter - POS Infostealer samples and information
Tags
| country: | Seychelles |
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Whois - T1596.002 |
Common Information
| Type | Value |
|---|---|
| UUID | bbddb0fb-27a5-48a4-a3b7-90b7872d3789 |
| Fingerprint | f6fe1e1a775faad2 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 23, 2012, 2:50 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 18, 2024, 4:35 a.m. |
| Headline | UNKNOWN |
| Title | Dec 2012 Dexter - POS Infostealer samples and information |
| Detected Hints/Tags/Attributes | 25/2/70 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Autonomous System Number | 1 | AS58001 |
|
| Details | Domain | 1 | fabcaa97871555b68aa095335975e613.com |
|
| Details | Domain | 1 | 11e2540739d7fbea1ab8f9aa7a107648.com |
|
| Details | Domain | 1 | 7186343a80c6fa32811804d23765cda4.com |
|
| Details | Domain | 1 | e7dce8e4671f8f03a040d08bb08ec07a.com |
|
| Details | Domain | 1 | e7bc2d0fceee1bdfd691a80c783173b4.com |
|
| Details | Domain | 1 | 815ad1c058df1b7ba9c0998e2aa8a7b4.com |
|
| Details | Domain | 1 | 67b3dba8bc6778101892eb77249db32e.com |
|
| Details | Domain | 1 | ideal.solutions.org |
|
| Details | Domain | 1176 | gmail.com |
|
| Details | Domain | 12 | bgp.he.net |
|
| Details | Domain | 3 | 2x4.ru |
|
| Details | 1 | ideal.solutions.org@gmail.com |
||
| Details | File | 4 | gateway.php |
|
| Details | File | 1 | u:\firmwork\studio\common\bin.exe |
|
| Details | File | 1 | %userprofile%\application data\fubqq\fubqq.exe |
|
| Details | File | 263 | iexplore.exe |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 1 | modulereplace.exe |
|
| Details | File | 11 | helppane.exe |
|
| Details | File | 1 | %userprofile%\application data\pmnnw\pmnnw.exe |
|
| Details | File | 1 | assistcoop.exe |
|
| Details | File | 1 | %userprofile%\application data\jikmr\jikmr.exe |
|
| Details | File | 69 | shlwapi.dll |
|
| Details | File | 1 | teamreg.exe |
|
| Details | File | 1 | %userprofile%\application data\yebcs\yebcs.exe |
|
| Details | File | 291 | user32.dll |
|
| Details | File | 1 | %userprofile%\application data\pstwx\pstwx.exe |
|
| Details | File | 1 | %userprofile%\application data\kwqpn\kwqpn.exe |
|
| Details | File | 1 | aewtm.exe |
|
| Details | md5 | 1 | 2d48e927cdf97413523e315ed00c90ab |
|
| Details | md5 | 1 | 70feec581cd97454a74a0d7c1d3183d1 |
|
| Details | md5 | 1 | f84599376e35dbe1b33945b64e1ec6ab |
|
| Details | md5 | 1 | ed783ccea631bde958ac64185ca6e6b6 |
|
| Details | md5 | 1 | 65f5b1d0fcdaff431eec304a18fb1bd6 |
|
| Details | md5 | 1 | 560566573de9df114677881cf4090e79 |
|
| Details | md5 | 1 | 1f03568616524188425f92afbea3c242 |
|
| Details | md5 | 1 | fabcaa97871555b68aa095335975e613 |
|
| Details | md5 | 1 | 11e2540739d7fbea1ab8f9aa7a107648 |
|
| Details | md5 | 1 | 7186343a80c6fa32811804d23765cda4 |
|
| Details | md5 | 1 | e7dce8e4671f8f03a040d08bb08ec07a |
|
| Details | md5 | 1 | e7bc2d0fceee1bdfd691a80c783173b4 |
|
| Details | md5 | 1 | 815ad1c058df1b7ba9c0998e2aa8a7b4 |
|
| Details | md5 | 1 | 67b3dba8bc6778101892eb77249db32e |
|
| Details | md5 | 1 | 2D48E927CDF97413523E315ED00C90AB |
|
| Details | md5 | 1 | ED783CCEA631BDE958AC64185CA6E6B6 |
|
| Details | md5 | 1 | F84599376E35DBE1B33945B64E1EC6AB |
|
| Details | md5 | 1 | 1F03568616524188425F92AFBEA3C242 |
|
| Details | md5 | 1 | 65F5B1D0FCDAFF431EEC304A18FB1BD6 |
|
| Details | sha256 | 1 | 94c604e5cff7650f60049993405858dfc96f8ac5b77587523d37a8f8f3d9c1bc |
|
| Details | sha256 | 1 | cae3cdaaa1ec224843e1c3efb78505b2e0781d70502bedff5715dc0e9b561785 |
|
| Details | sha256 | 1 | b27aadd3ddca1af7db6f441c6401cf74b1561bc828e19f9104769ef2d158778e |
|
| Details | sha256 | 1 | fb46ea9617e0c8ead0e4358da6233f3706cfc6bbbeba86a87aaab28bb0b21241 |
|
| Details | sha256 | 1 | 7e327be39260fe4bb8923af25a076cd3569df54e0328c7fe5cd7c6a2d3312674 |
|
| Details | sha256 | 1 | 28a26fe50e2d4e2b541ae083aa0236bd484c7eb3b30cf9b5a7f4d579e77bf438 |
|
| Details | sha256 | 1 | bdbe024a08c9a4e62c5692762aa03b4c1e564b38510cb4b4b1758e371637edb4 |
|
| Details | IPv4 | 2 | 193.107.17.126 |
|
| Details | IPv4 | 1 | 173.255.196.136 |
|
| Details | IPv4 | 2 | 172.16.253.130 |
|
| Details | IPv4 | 1 | 172.16.253.255 |
|
| Details | IPv4 | 1 | 172.16.253.1 |
|
| Details | IPv4 | 4 | 172.16.253.129 |
|
| Details | IPv4 | 1 | 193.107.16.0 |
|
| Details | IPv4 | 1 | 193.107.19.255 |
|
| Details | IPv4 | 1 | 172.16.253.131 |
|
| Details | Url | 1 | http://193.107.17.126/test/gateway.phpfor |
|
| Details | Url | 1 | http://fabcaa97871555b68aa095335975e613.com:80/portal1/gateway.php |
|
| Details | Url | 1 | http://193.107.17.126:80/test/gateway.php |
|
| Details | Url | 1 | http://bgp.he.net/as58001#_whois |
|
| Details | Url | 1 | http://bgp.he.net/as58001#_peers |