ioc[.]one - OSINT Cyber Threat Intelligence Database

Who's Hacking the Hackers: No Honor Among Thieves

Tags

cmtmf-attack-pattern:	Masquerading
country:	India Turkey Vietnam U.S. Virgin Islands
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Ip Addresses - T1590.005 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Server - T1583.004 Server - T1584.004 Software - T1592.002 Visual Basic - T1059.005 Tool - T1588.002 Masquerading - T1036 Masquerading

Show in Graph

Common Information

Type	Value
UUID	c6d6ff82-6e1c-4309-a3d7-dce5305e228a
Fingerprint	a52438590275269f
Analysis status	DONE
Considered CTI value	0
Text language
Published	March 10, 2020, midnight
Added to db	Jan. 16, 2023, 4:59 p.m.
Last updated	Nov. 18, 2024, 12:28 p.m.
Headline	Who's Hacking the Hackers: No Honor Among Thieves
Title	Who's Hacking the Hackers: No Honor Among Thieves
Detected Hints/Tags/Attributes	72/3/21

Source URLs

	Redirection	Url
Details	Source	https://www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves
Details	Source	https://www.cybereason.com/blog/whos-hacking-the-hackers-no-honor-among-thieves?fbclid=IwAR1LgNlWoJ92T6Pqz1ne5zPYdFgxdqHA9SYcKAgh4xbsFtXeL5ztMFu6zH4

URL Provider

Details	Provider	Source level domain
Details	cybereason.com	www.cybereason.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	capeturk.com
Details	Domain	1	anandpen.com
Details	Domain	1	www.anandpen.com
Details	Domain	1	explorer.zip
Details	Domain	1	7777.elitfilmizle.com
Details	Domain	1	blog.capeturk.com
Details	Domain	1	6666.elitfilmizle.com
Details	File	1260	explorer.exe
Details	File	1	explorer.zip
Details	File	1122	svchost.exe
Details	File	1	c:\users\user\appdata\roaming\explorer.exe
Details	File	3	'explorer.exe
Details	md5	1	d5f53d26615772ff3ca84d88604f2ddf
Details	md5	1	4E196CEA0C9C46A7D656C67E52E8C7C7
Details	IPv4	1	104.206.239.81
Details	IPv4	1	209.99.16.94
Details	Pdb	1	c:\users\pc\desktop\25-8-2019\3 lop-gzip+poly xor base64\gzip+poly xor base64 builder\windowsapplication2\obj\release\windowsapplication2.pdb
Details	Pdb	1	c:\users\pc\downloads\gen code polyrsm rc4 poly aes gzip builder 21-09-2018\polyrsm rc4 poly aes gzip 26-07-2018\polyrsm +rc4+ poly aes +gzip builder 07-01-2015\obj\x86\release\explorer.pdb
Details	Pdb	1	c:\users\pc\desktop\xxxxx\all polyrsm +rc4+ poly aes +gzip strreverse 11-01-2019\polyrsm +rc4+ poly aes +gzip builder strreverse 11-01-2019\obj\x86\release\explorer.pdb
Details	Pdb	1	c:\users\pc\desktop\03-02-2020\zip rc2 rc4\decode\windowsapplication6\obj\release\explorer.pdb
Details	Pdb	1	c:\users\pc\desktop\03-02-2020\new 3des zip 29-01-2020\decode\windowsapplication6\obj\release\taskhost.pdb