RomCom malware spread via Google Ads for ChatGPT, GIMP, more - RedPacket Security
Tags
country: Brazil Canada Cuba Philippines Ukraine United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Hidden Window - T1564.003 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Connection Proxy - T1090 Hidden Window - T1143
Show in Graph
Common Information
Type Value
UUID bc2fc36d-50f4-4385-9886-5bc929830a76
Fingerprint 9bf09859b097b2ec
Analysis status DONE
Considered CTI value 0
Text language
Published May 31, 2023, 5:02 a.m.
Added to db May 31, 2023, 6:24 a.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline RedPacket Security
Title RomCom malware spread via Google Ads for ChatGPT, GIMP, more - RedPacket Security
Detected Hints/Tags/Attributes 58/3/17
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/romcom-malware-spread-via-google-ads-for-chatgpt-gimp-more/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 5 
gllmp.com
Details Domain 5 
gotomeet.us
Details Domain 5 
singularlabs.org
Details Domain 8 
chatgpt4beta.com
Details Domain 5 
astrachats.com
Details Domain 5 
devolutionrdp.com
Details Domain 4 
cozy-sofware.com
Details Domain 5 
vectordmanagesoft.com
Details Domain 5 
devolrdm.com
Details Domain 5 
dirwinstat.com
Details File 5 
installa.dll
Details File 2127 
cmd.exe
Details File 5 
photodirector.dll
Details File 4 
procsys.dll
Details File 6 
wallet.exe
Details File 2 
msg.dll
Details File 4 
fileinfo.dll