ioc[.]one - OSINT Cyber Threat Intelligence Database

Ding! Your RAT has been delivered

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Dynamic Dns - T1311 Dynamic Dns - T1333 Ip Addresses - T1590.005 Keylogging - T1056.001 Keylogging - T1417.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	c3222f93-3535-4bca-9495-94a56319eece
Fingerprint	a4748db159359605
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 8, 2015, 6:49 a.m.
Added to db	Oct. 9, 2022, 4:15 p.m.
Last updated	Nov. 14, 2024, 8:09 a.m.
Headline	Vulnerability Information
Title	Ding! Your RAT has been delivered
Detected Hints/Tags/Attributes	70/2/37

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2015/07/ding-your-rat-has-been-delivered.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	index.zip
Details	Domain	1	briach202.no-ip.info
Details	File	1	slx.exe
Details	File	3	cod.exe
Details	File	1	indexe.doc
Details	File	1	index.zip
Details	File	1	adobearmservice.exe
Details	File	1	bthserv.exe
Details	File	1	bthserv.dll
Details	File	70	vbc.exe
Details	File	13	no-ip.inf
Details	File	1	lookupsvi.exe
Details	File	1	secdrv.exe
Details	File	1	appmgnt.exe
Details	File	1	hknswc.exe
Details	File	20	host.exe
Details	File	1	u202eslx.exe
Details	File	1	ecode.exe
Details	sha256	1	9b06bc6268a1cfd40ce4a9caf91a4f877cc2a093dc1b4c4f3dfea6d7aa968d1b
Details	sha256	1	386186bb26d78b1f54875da5e115c682d2a5a72685bcba430448d44cba924372
Details	sha256	1	64f5a4be0769007c2797e4908d739437d9a7ccd227b64e028e959d2695c8e06e
Details	sha256	1	b4a8979e9014bbb88d315c041e578feaa78f04689b0ae3b0243a286522ac3ece
Details	sha256	1	136862693e8d9463e20fa0c29ada0830949d2934912efe36bf262ead30670bce
Details	sha256	1	f03f646dd7ffd6ce61e8521519e08234467f2fa9bf4187bcb0f1f8307e665c81
Details	sha256	1	f6ec79516633b2906fe097f35d91122342479907ab8775bba8f1757091c4bcec
Details	sha256	1	03036fe853f5c99a527aeec29bc9a3c9016310f7f2164f666e794cadbeb2671d
Details	sha256	1	70b522215375e5ee14540a7b47a5a337a2e173d401c7e0b2ff121861e78d08ae
Details	sha256	1	05e101a81a15d20427de92ea2773f4480008dfabc92d385d0326eb66dc5c2618
Details	sha256	1	012bf0ab1ec60538c02a0c72020b4149e1349937920c6eab83116ef8f1b4094e
Details	sha256	1	73bdef73667e27123d972b7d73038c47d04fbd62c5a667fcaa1017a2e66840bd
Details	sha256	1	23090f008a08ae0b9b8ef7d1dfada2a5ca0d2c31bd72158b479613c0ed29f7eb
Details	IPv4	1	216.38.2.195
Details	IPv4	1	41.58.102.142
Details	IPv4	1	41.58.104.23
Details	IPv4	1	41.58.219.175
Details	IPv4	1	174.127.99.235
Details	IPv4	1	216.38.2.212