ioc[.]one - OSINT Cyber Threat Intelligence Database

Skynet, a Tor-powered botnet straight from Reddit | Rapid7 Blog

Tags

cmtmf-attack-pattern:	Native Code
country:	Netherlands Germany Russia
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Control Panel - T1218.002 Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Ip Addresses - T1590.005 Junk Data - T1001.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Connection Proxy - T1090 Sudo - T1169

Show in Graph

Common Information

Type	Value
UUID	ca818ab4-abfd-42b6-8d41-72e62a0d38c6
Fingerprint	a5351bd501330783
Analysis status	DONE
Considered CTI value	0
Text language
Published	Dec. 6, 2012, 10:51 p.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 10:40 p.m.
Headline	Skynet, a Tor-powered botnet straight from Reddit
Title	Skynet, a Tor-powered botnet straight from Reddit \| Rapid7 Blog
Detected Hints/Tags/Attributes	101/3/51

Source URLs

	Redirection	Url
Details	Source	https://blog.rapid7.com/2012/12/06/skynet-a-tor-powered-botnet-straight-from-reddit/
Details	Source	https://community.rapid7.com/community/infosec/blog/2012/12/06/skynet-a-tor-powered-botnet-straight-from-reddit

URL Provider

Details	Provider	Source level domain
Details	rapid7.com	community.rapid7.com
Details	rapid7.com	blog.rapid7.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	6ceyqong6nxy7hwp.onion
Details	Domain	1	owbm3sjqdnndmydf.onion
Details	Domain	1	4njzp3wzi6leo772.onion
Details	Domain	1	qdzjxwujdtxrjkrz.onion
Details	Domain	1	x3wyzqg6cfbqrwht.onion
Details	Domain	1	niazgxzlrbpevgvq.onion
Details	Domain	1	ua4ttfm47jt32igm.onion
Details	Domain	1	6tkpktox73usm5vq.onion
Details	Domain	1	4bx2tfgsctov65ch.onion
Details	Domain	1	gpt2u5hhaqvmnwhr.onion
Details	Domain	1	7wuwk3aybq5z73m7.onion
Details	Domain	1	742yhnr32ntzhx3f.onion
Details	Domain	1	f2ylgv2jochpzm4c.onion
Details	Domain	1	6m7m4bsdbzsflego.onion
Details	Domain	1	xvauhzlpkirnzghg.onion
Details	Domain	1	h266x4kmvmpdfalv.onion
Details	Domain	1	jr6t4gi4k2vpry5c.onion
Details	Domain	1	ceif2rmdoput3wjh.onion
Details	Domain	1	uzvyltfdj37rhqfy.onion
Details	Domain	1	uy5t7cus7dptkchs.onion
Details	Domain	1	visit.post
Details	Domain	1	t3svp5x674d7qqxh.onion
Details	Domain	369	microsoft.com
Details	Domain	6	myspace.com
Details	Domain	1	www.gruposantander.es
Details	Domain	3	odnoklassniki.ru
Details	Domain	5	vkontakte.ru
Details	Domain	2	login.osmp.ru
Details	Domain	1	atl.osmp.ru
Details	Domain	330	facebook.com
Details	Domain	1	31.204.xxx.xxx
Details	File	5	opencl.dll
Details	File	1122	svchost.exe
Details	File	13	config.bin
Details	File	101	gate.php
Details	File	10	bot.exe
Details	IPv4	8	2.1.0.0
Details	IPv4	1	95.211.7.6
Details	IPv4	1	109.236.80.74
Details	IPv4	1	77.235.61.37
Details	IPv4	1	74.91.20.82
Details	IPv4	1	74.82.212.213
Details	IPv4	1	88.191.123.223
Details	IPv4	1	178.33.32.238
Details	Url	1	http://localhost:42349/z/config.bin
Details	Url	1	http://qdzjxwujdtxrjkrz.onion:80/z/config.bin
Details	Url	1	http://qdzjxwujdtxrjkrz.onion:80/z/gate.php
Details	Url	1	http://localhost:42349/z/bot.exe
Details	Url	1	http://localhost:42349/z/gate.php
Details	Url	1	https://www.gruposantander.es
Details	Url	1	http://vkontakte.ru