ioc[.]one - OSINT Cyber Threat Intelligence Database

Bisonal: 10 years of play

Tags

country:	Bulgaria China India Japan South Korea Suriname Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Indirect Domains - T1583.001 Domains - T1584.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Network Security Appliances - T1590.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Windows Service - T1543.003 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	c2e3707e-7b71-4576-ad7f-947b9224a2f3
Fingerprint	8eb4b11fec3ac693
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 5, 2020, 6:01 a.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 19, 2024, 10:09 a.m.
Headline	Vulnerability Information
Title	Bisonal: 10 years of play
Detected Hints/Tags/Attributes	126/3/110

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2020/03/bisonal-10-years-of-play.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	CVE	58	cve-2018-0798
Details	Domain	1	young03.myfw.us
Details	Domain	1	kissyou01.myfw.us
Details	Domain	1	fund.cmc.or.kr
Details	Domain	1	dnsdns1.passas.us
Details	Domain	1	jennifer998.lookin.at
Details	Domain	1	v3net.rr.nu
Details	Domain	1	faceto.uglyas.com
Details	Domain	1	since.qpoe.com
Details	Domain	1	applejp.myfw.us
Details	Domain	1	usababa.myfw.us
Details	Domain	1	indbaba.myfw.us
Details	Domain	1	indbabababa.dns94.com
Details	Domain	1	mycount.mrslove.com
Details	Domain	1	www.hosting.tempors.com
Details	Domain	1	emsit.serveirc.com
Details	Domain	1	kted56erhg.dynssl.com
Details	Domain	1	www.amanser951.otzo.com
Details	Domain	2	imbc.onthewifi.com
Details	Domain	904	snort.org
Details	Domain	1	0906.toh.info
Details	Domain	1	euiro8966.organiccrap.com
Details	Domain	1	kfsinfo.byinter.net
Details	Domain	1	21kmg.my-homeip.net
Details	Domain	3	agent.my-homeip.net
Details	Domain	1	etude.servemp3.com
Details	Domain	1	games.my-homeip.com
Details	Domain	1	hansun.serveblog.net
Details	Domain	1	kazama.myfw.us
Details	Domain	1	kreng.bounceme.net
Details	Domain	1	navego.serveblog.net
Details	Domain	1	shinkhek.myfw.us
Details	Domain	1	wew.mymom.info
Details	Domain	1	www.nayana.adultdns.net
Details	Domain	1	www.dds.walshdavis.com
Details	File	1	судалгаа.doc
Details	File	1	research.doc
Details	File	2132	cmd.exe
Details	File	1	o0.asp
Details	File	7	conime.exe
Details	File	2	o.asp
Details	File	6	msacm32.dll
Details	File	1	msacm.dll
Details	File	1	0akspbv.txt
Details	File	1	0akspbu.txt
Details	File	2	tmplogon.exe
Details	File	1	0edrftg.txt
Details	sha256	1	ba0bcf05aaefa17fbf99b1b2fa924edbd761a20329c59fb73adbaae2a68d2307
Details	sha256	1	bb61cc261508d36d97d589d8eb48aaba10f5707d223ab5d5e34d98947c2f72af
Details	sha256	1	43606116e03672d5c2bca7d072caa573d3fc2463795427d6f5abfa25403bd280
Details	sha256	1	43459f5117bee7b49f2cee7ce934471e01fb2aa2856f230943460e14e19183a6
Details	sha256	1	915ad316cfd48755a9e429dd5aacbee266aca9c454e9cf9507c81b30cc4222e5
Details	sha256	1	6f8bbea18965b21dc8b9163a5d5205e2c5e84d6a4f8629b06abe73b11a809cca
Details	sha256	1	b75c986cf63e0b5c201da228675da4eff53c701746853dfba6747bd287bdbb1d
Details	sha256	1	979d4e6665ddd4c515f916ad9e9efd9eca7550290507848c52cf824dfbd72a7e
Details	sha256	1	6f4a1b423c3936969717b1cfb25437ae8d779c095f158e3fded94aba6b6171ad
Details	sha256	1	c6baef8fe63e673f1bd509a0f695c3b5b02ff7cfe897900e7167ebab66f304ca
Details	sha256	1	15d5c84db1fc7e13c03ff1c103f652fbced5d1831c4d98aad8694c08817044cc
Details	sha256	1	92be1bc11d7403a5e9ad029ef48de36bcff9c6a069eb44b88b12f1efc773c504
Details	sha256	1	d83fbe8a15d318b64b4e7713a32912f8cbc7efbfae84449916a0cbc5682a7516
Details	sha256	1	37d1bd82527d50df3246f12b931c69c2b9e978b593a64e89d16bfe0eb54645b0
Details	sha256	1	b7ef3ec4d9b0fd29c86c9a4b2a94819a80c83e44cdc47a9091786d839be6a7c4
Details	sha256	1	0cf9d9e01184d22d54a3f9b6ef6c290105eaa32c7063355ca477d94b130976af
Details	sha256	1	7dc58ff4389301a6eccc37098682742b96e5171d908acdeb62aeaa787496c80a
Details	sha256	1	0ff88a6cd7dcd27f14ebb7b2c97727b81e1aa701280d1164685c52c234e4a9df
Details	sha256	1	8252f2cdedf16f404d43c81d005ea8ebb10594477f738e40efacf9013e1470d2
Details	sha256	1	1128d10347dd602ecd3228faa389add11415bf6936e2328101311264547afa75
Details	sha256	1	9638e7bb963ac881bd81071d305dea91b040536c55b7ee79b526b8afcfad6972
Details	sha256	1	1e66579b856cd331518d67c351bcb2b102399d8ade53370797228b289e905dc1
Details	sha256	1	22b3a86f91d2eb5a8a1e1cdc044bcf6aca898663071be5233bac00c0f0d3c001
Details	sha256	1	9c86c2dd001c47b933c6b5f43c8f87a6d0c01c066e3520e651fab51d19355d3c
Details	sha256	1	2c1e0facf563bb2054d9a883144ef9bad77ba75cdb46cc80843821c363c0a9dc
Details	sha256	1	a4a5c60a392d236b76907f58597e83ba9c9d4cfc6a4502ef3e0e149b8710a0c6
Details	sha256	1	359835c4a9dbe2d95e483464659744409e877cb6f5d791daa33fd601a01376fc
Details	sha256	1	b1da7e1963dc09c325ba3ea2442a54afea02929ec26477a1b120ae44368082f8
Details	sha256	1	b85e4168972b28758984f919aef2ce0fde271ee1f0863510e521a2920fcc658e
Details	sha256	1	bd1a9b148580dad430683639b747d1c49932db5d8f6eb2d90e2583af976810dc
Details	sha256	1	436fc9530015c2d2b952a16d2a3dfa202d1cb1c577b580811b9b48355855591b
Details	sha256	1	c5496dc3fa96b657ab4467c551877bbced56fd07c00c7ccb199c1794235bf710
Details	sha256	1	444e864a3bb2abb1edccab4a5cd45bc0039f2a48e01615b2719da65a40a5140e
Details	sha256	1	cdba1a69d75f3e2256dccc16255aef07ded41c257b2cc95ccb801a0063445926
Details	sha256	1	5caada5737b0a6c8c8f8a27bfcd0fb2221af68a4856278c3919b37279daa7409
Details	sha256	1	d19b85891dd0f83808b70fbe68a56a64e828611dfe53d04a6c1c211f1352b5b5
Details	sha256	1	6676934d7f214cb256407400357c1f7ead69a523b3017f6a5bc30d06a11a8305
Details	sha256	1	d7692a71b85c869ee11647b80ea6d42b2e4303233c525a8fa7e6bec3599e2c8b
Details	sha256	1	67e286c7308dda5cd8fe4a1340f354927e5791ce6ef0ef02c93a4e063e11c4ad
Details	sha256	1	6c714653a8fa54eef1de2f0148e5e8cf514907f6f523bf09c8ee126bebcdbdcc
Details	sha256	1	dd88b31275b7079899d945fc6de2dceaf7e8fc143ef24be5bb336585ddf6af1e
Details	sha256	1	6cc4707942f9323347c95066a43b30f874f1b1c783960cf8ed9ecf5914f85ba7
Details	sha256	1	eb7681c653ef1942103cd3272fd124eaf73e79bb830be978535c18b73c87b985
Details	sha256	1	6ef4df8460ba57b836f52a9a73e2d739a3f2aa832bec6b663af53b55dc74a63d
Details	sha256	1	effd31b11bdc6486082967c2d8e53d979e59a88ba28e68a1c94f5a064a8a966d
Details	sha256	1	f3a30e5f8bfd0f936597bcef7cb43df11ec566467001dff9365771900e90acb1
Details	sha256	1	77a36530555eada268238050996839bd34670e8bfda477c30d9dd66574625f59
Details	sha256	1	f9302b7ecc32b891edeaf61353dc5e976832b7104ec0d36f1641f1f40cf6fe12
Details	sha256	1	799d858ff77c29684fc1522804ed45c24171484d9618211c817df01424bc981a
Details	sha256	1	23d263b6f55ac81f64c3c3cf628dd169d745e0f2b264581305f2f46efc879587
Details	sha256	1	72f6a54d0d09a16e6fde9800aa845cd1866001538afb2c8f61f3606f5e13f35a
Details	sha256	1	4bad5898373eb644662a8c1d5d5c674e2558908e34bb2fd915f3350b0f28752b
Details	IPv4	1	196.44.49.154
Details	IPv4	1	69.197.149.98
Details	IPv4	1	137.170.185.211
Details	IPv4	1	61.90.202.197
Details	IPv4	1	61.90.202.198
Details	Url	1	http://fund.cmc.or.kr/uploadfile/fame/x/o0.asp
Details	Url	1	http://fund.cmc.or.kr/uploadfile/fame/x/mh/o.asp
Details	Url	1	http://indbabababa.dns94.com/o.asp
Details	Url	1	http://www.hosting.tempors.com:443/av9d0.0.0.0akspbv.txt
Details	Url	1	http://emsit.serveirc.com/ks8d0.0.0.0akspbu.txt
Details	Url	1	http://www.amanser951.otzo.com/uiho0.0.0.0edrftg.txt