Jan 17, 2010 JAVA Mobile Malware #1 by Donato "ratsoul" Ferrante www.InReverse.net Post #2
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | c36bda36-97f3-4897-8431-267231e54460 |
| Fingerprint | a1558082749b8012 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 25, 2010, 2:38 p.m. |
| Added to db | Jan. 18, 2023, 7:45 p.m. |
| Last updated | Nov. 12, 2024, 12:07 a.m. |
| Headline | UNKNOWN |
| Title | Jan 17, 2010 JAVA Mobile Malware #1 by Donato "ratsoul" Ferrante www.InReverse.net Post #2 |
| Detected Hints/Tags/Attributes | 26/2/74 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 10 | cve-2009-3867 |
|
| Details | CVE | 13 | cve-2008-5353 |
|
| Details | Domain | 4 | www.inreverse.net |
|
| Details | Domain | 4 | win32.horse |
|
| Details | Domain | 4 | trojan-downloader.java |
|
| Details | Domain | 15 | trojan.java |
|
| Details | Domain | 20 | exploit.java |
|
| Details | Domain | 3 | dldr.agen.na |
|
| Details | Domain | 3 | java.dldr.agen.na |
|
| Details | Domain | 3 | java.mo |
|
| Details | Domain | 3 | exploit.java.mo |
|
| Details | Domain | 3 | trojan-downloader.java.agent.as |
|
| Details | Domain | 3 | openstream.ae |
|
| Details | Domain | 3 | trojan.generic.is |
|
| Details | Domain | 3 | openstream.ad |
|
| Details | Domain | 3 | trojan-downloader.java.openstream.ad |
|
| Details | Domain | 3 | java.openstream.ae |
|
| Details | Domain | 3 | openstrem.bn |
|
| Details | Domain | 3 | java.openstrem.bn |
|
| Details | Domain | 3 | classload.ad |
|
| Details | Domain | 3 | trojware.java |
|
| Details | Domain | 3 | java.classload.ad |
|
| Details | File | 4 | 8d499308df04932ed1b58a78417d6fb9.jar |
|
| Details | File | 4 | 7e92d280472ca426aff1c20fbeb8d2db.jar |
|
| Details | File | 4 | 38f083169319d0141532db992d295448.jar |
|
| Details | File | 4 | 52586e8a85188a0ada59294650c91362.jar |
|
| Details | File | 4 | 3af7627af6348a76d1bf3b7bf31514e0.jar |
|
| Details | File | 4 | a022524cb52223a939ba50043d90ff94.jar |
|
| Details | File | 4 | d45a156c76f3c34bac0cf22cb586fdd1.jar |
|
| Details | File | 4 | 2138bfc0c92b726a13ff5095bd2f2b72.jar |
|
| Details | File | 4 | a0585edf638f5d1c556239d3bfaf08db.jar |
|
| Details | File | 3 | trojan-downloader.java |
|
| Details | File | 15 | trojan.java |
|
| Details | File | 20 | exploit.java |
|
| Details | File | 52 | trojan.js |
|
| Details | File | 3 | trojware.java |
|
| Details | md5 | 4 | 8d499308df04932ed1b58a78417d6fb9 |
|
| Details | md5 | 5 | 7e92d280472ca426aff1c20fbeb8d2db |
|
| Details | md5 | 4 | 38f083169319d0141532db992d295448 |
|
| Details | md5 | 4 | 52586e8a85188a0ada59294650c91362 |
|
| Details | md5 | 4 | 3af7627af6348a76d1bf3b7bf31514e0 |
|
| Details | md5 | 4 | a022524cb52223a939ba50043d90ff94 |
|
| Details | md5 | 4 | d45a156c76f3c34bac0cf22cb586fdd1 |
|
| Details | md5 | 4 | 2138bfc0c92b726a13ff5095bd2f2b72 |
|
| Details | md5 | 4 | a0585edf638f5d1c556239d3bfaf08db |
|
| Details | sha256 | 3 | d00fa63f4202a980ab4d854172eed4fce57fcf1fd5cff32e846107982573a91b |
|
| Details | sha256 | 3 | f95aeffa63f809a419dddc32c5bd65e28a1e6d21c587aef4342ac95c07bd9e80 |
|
| Details | sha256 | 3 | fba57ff8cfed809e8fdc1b6647515090933f4dd6f1c3cc0b02d80044c6c50f7b |
|
| Details | sha256 | 3 | ce21ea5e25fe92ef6fa182c7fe588b050021796ea880e277aa7acd6e547f0994 |
|
| Details | sha256 | 3 | b69f0e77a89df3af21c4ad2bae57cdf19dc01edea3cf2958931ebbbe4e428e99 |
|
| Details | sha256 | 3 | c52137b3dc1d700ee0b094b995b0da6d3bf13da40bca00d567209ce3cdd1a7cb |
|
| Details | sha256 | 3 | eb4f3bd460824c701f3a99463a16e4307f5a4c111f1dc610d26db82d6436f842 |
|
| Details | sha256 | 3 | e5daafafa3eedcff7577a1545a1e45fbaa964547cc46846f8d6ae90d9674ea4f |
|
| Details | sha256 | 3 | a19089a18db356fb5ef5cfa78b94a1fd8538381930c5998061d5176c77e136a0 |
|
| Details | IPv4 | 29 | 7.0.17.0 |
|
| Details | IPv4 | 16 | 3.1.1.80 |
|
| Details | IPv4 | 15 | 91.2.0.41 |
|
| Details | IPv4 | 41 | 2.0.3.7 |
|
| Details | IPv4 | 59 | 7.0.0.125 |
|
| Details | IPv4 | 17 | 4.5.0.50 |
|
| Details | IPv4 | 4 | 8.2.1.224 |
|
| Details | IPv4 | 39 | 7.0.3.5 |
|
| Details | IPv4 | 5 | 3.12.12.4 |
|
| Details | IPv4 | 14 | 4.0.14.0 |
|
| Details | IPv4 | 7 | 0.96.0.3 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/d00fa63f4202a980ab4d854172eed4fce57fcf1fd5cff32e846107982573a91b-1272218810 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/f95aeffa63f809a419dddc32c5bd65e28a1e6d21c587aef4342ac95c07bd9e80-1272218387 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/fba57ff8cfed809e8fdc1b6647515090933f4dd6f1c3cc0b02d80044c6c50f7b-1272216836 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/ce21ea5e25fe92ef6fa182c7fe588b050021796ea880e277aa7acd6e547f0994-1272218599 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/b69f0e77a89df3af21c4ad2bae57cdf19dc01edea3cf2958931ebbbe4e428e99-1272241193 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/c52137b3dc1d700ee0b094b995b0da6d3bf13da40bca00d567209ce3cdd1a7cb-1272241740 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/eb4f3bd460824c701f3a99463a16e4307f5a4c111f1dc610d26db82d6436f842-1272242166 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/e5daafafa3eedcff7577a1545a1e45fbaa964547cc46846f8d6ae90d9674ea4f-1272242459 |
|
| Details | Url | 3 | http://www.virustotal.com/analisis/a19089a18db356fb5ef5cfa78b94a1fd8538381930c5998061d5176c77e136a0-1272243385 |