New variant of Geodo/Emotet banking malware targets UK
Tags
| cmtmf-attack-pattern: | Data Encrypted |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Data Encrypted - T1022 |
Common Information
| Type | Value |
|---|---|
| UUID | bf530ef3-7197-4ef1-ab38-4ef74b2c38d1 |
| Fingerprint | 25447839a5b997bb |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 26, 2017, 5 a.m. |
| Added to db | Jan. 18, 2023, 11:14 p.m. |
| Last updated | Nov. 17, 2024, 5:54 p.m. |
| Headline | New variant of Geodo/Emotet banking malware targets UK |
| Title | New variant of Geodo/Emotet banking malware targets UK |
| Detected Hints/Tags/Attributes | 50/3/31 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Autonomous System Number | 6 | AS12876 |
|
| Details | Autonomous System Number | 1 | AS8560 |
|
| Details | Domain | 9 | feodotracker.abuse.ch |
|
| Details | Domain | 1 | natchezms.us |
|
| Details | Domain | 1 | vision2factory.com |
|
| Details | Domain | 1 | selosconsultoria.com.br |
|
| Details | Domain | 1 | dwpwebsites.com |
|
| Details | Domain | 1 | lunaradventures.net |
|
| Details | Domain | 1 | seftonplaycouncil.org.uk |
|
| Details | Domain | 1 | adfinesterrae.com |
|
| Details | Domain | 1 | nlscreative.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | sha1 | 1 | d92dd4597ef70ddc4498545f82e2b19055189c71 |
|
| Details | sha256 | 1 | e5e21fcf2a8147cefdeae11f4b67b142c334607ec3082f08306e8868ebc671a6 |
|
| Details | IPv4 | 1 | 103.215.153.151 |
|
| Details | IPv4 | 2 | 212.83.166.45 |
|
| Details | IPv4 | 1 | 87.106.149.74 |
|
| Details | IPv4 | 2 | 119.82.27.246 |
|
| Details | IPv4 | 2 | 194.88.246.7 |
|
| Details | IPv4 | 2 | 85.143.221.180 |
|
| Details | IPv4 | 3 | 188.165.220.214 |
|
| Details | Url | 2 | https://feodotracker.abuse.ch |
|
| Details | Url | 1 | http://natchezms.us |
|
| Details | Url | 1 | http://vision2factory.com |
|
| Details | Url | 1 | http://selosconsultoria.com.br |
|
| Details | Url | 1 | http://dwpwebsites.com |
|
| Details | Url | 1 | http://lunaradventures.net |
|
| Details | Url | 1 | http://seftonplaycouncil.org.uk |
|
| Details | Url | 1 | http://adfinesterrae.com |
|
| Details | Url | 1 | http://nlscreative.com |
|
| Details | Url | 1 | https://securelist.com/analysis/publications/69560/the-banking-trojan-emotet-detailed-analysis |