스페인 사용자들을 대상으로 유포 중인 StrelaStealer - ASEC BLOG
Tags
| attack-pattern: | Server - T1583.004 Server - T1584.004 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | bcf79e3b-56fc-4cb0-bff3-9d996b5e403e |
| Fingerprint | 6d080eee75767a3d |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | May 18, 2023, 2:22 p.m. |
| Added to db | May 24, 2023, 11:26 p.m. |
| Last updated | Nov. 15, 2024, 2:45 a.m. |
| Headline | 스페인 사용자들을 대상으로 유포 중인 StrelaStealer |
| Title | 스페인 사용자들을 대상으로 유포 중인 StrelaStealer - ASEC BLOG |
| Detected Hints/Tags/Attributes | 7/1/8 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://asec.ahnlab.com/ko/52946/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 18 | ✔ | ASEC | https://asec.ahnlab.com/ko/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 64 | logins.json |
|
| Details | File | 41 | key4.db |
|
| Details | File | 24 | server.php |
|
| Details | md5 | 13 | 9375CFF0413111d3B88A00104B2A6676 |
|
| Details | md5 | 2 | ba5281c2978e426605f4be767898b323 |
|
| Details | IPv4 | 3 | 91.215.85.209 |
|
| Details | Url | 3 | http://91.215.85.209/server.php |
|
| Details | Windows Registry Key | 2 | HKCU\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\IMAP |