The King is Dead, Long Live MyKings! (Part 1 of 2) - Avast Threat Labs
Tags
country: India Pakistan Russia
attack-pattern: Data Bootkit - T1542.003 Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Bootkit - T1067
Show in Graph
Common Information
Type Value
UUID cc88161f-bcf7-4aad-b495-1fce17f9aacd
Fingerprint 24b5f3a6be8e99
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 12, 2021, 11:35 a.m.
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 8, 2024, 10:23 p.m.
Headline The King is Dead, Long Live MyKings! (Part 1 of 2)
Title The King is Dead, Long Live MyKings! (Part 1 of 2) - Avast Threat Labs
Detected Hints/Tags/Attributes 58/2/69
Source URLs
Redirection Url
Details Source https://decoded.avast.io/janrubin/the-king-is-dead-long-live-mykings/
URL Provider
Details Provider Source level domain
Details avast.io decoded.avast.io
Attributes
Details Type #Events CTI Value
Details Domain 1 
zcop.ru
Details Domain 1 
kriso.ru
Details Domain 1 
kr1s.ru
Details Domain 1 
js.mys2016.info
Details Domain 1 
js.1226bye.xyz
Details Domain 41 
steamcommunity.com
Details Domain 6 
yadi.sk
Details Domain 15 
2no.co
Details Domain 1 
ioad.pw
Details Domain 4 
iplogger.co
Details Domain 47 
iplogger.org
Details Domain 1 
f321y.com
Details Domain 1 
disk.yandex.ru
Details File 5 
c3.bat
Details File 1 
java12.exe
Details File 87 
java.exe
Details File 1 
java12.dat
Details File 1 
king.exe
Details File 1 
king.dat
Details File 1 
c:\windows\system32\a.exe
Details File 1 
mys2016.inf
Details File 1 
helloworld.msi
Details File 2 
my1.html
Details File 2 
my1.bat
Details File 1 
ioad.exe
Details File 1 
1h9pn6.html
Details File 2 
doc.dat
Details File 1 
java.dat
Details File 1 
tess.html
Details File 1 
buff2.dat
Details File 1 
dhelper.dat
Details File 1 
oneplus.dat
Details File 2 
vid.dat
Details sha256 1 
d2e8b77fe0ddb96c4d52a34f9498dc7dd885c7b11b8745b78f3f6beaeec8e191
Details sha256 1 
0390b466a8af2405dc269fd58fe2e3f34c3219464dcf3d06c64d01e07821cd7a
Details sha256 1 
b9c7cb2ebf3c5ffba6fdeea0379ced4af04a7c9a0760f76c5f075ded295c5ce2
Details sha256 1 
f778ca041cd10a67c9110fb20c5b85749d01af82533cc0429a7eb9badc45345c
Details sha256 1 
5ae5ff335c88a96527426b9d00767052a3cba3c3493a1fa37286d4719851c45c
Details sha256 1 
2aaf1abeaeeed79e53cb438c3bf6795c7c79e256e1f35e2a903c6e92cee05010
Details sha256 1 
0cdef01e74acd5bbfb496f4fad5357266dabb2c457bc3dc267ffad6457847ad4
Details Url 1 
http://zcop.ru/java12.dat
Details Url 1 
http://kriso.ru/java12.dat
Details Url 1 
http://kr1s.ru/king.dat
Details Url 1 
http://js.mys2016.info:280/helloworld.msi
Details Url 1 
http://js.mys2016.info:280/v.sct
Details Url 1 
http://js.1226bye.xyz:280/v.sct
Details Url 1 
https://steamcommunity.com/tradeoffer/new/?partner=121845838&token=advsgaxy
Details Url 1 
https://steamcommunity.com/id/rosher
Details Url 2 
https://yadi.sk/d/cqrski0591kwog
Details Url 1 
https://yadi.sk/d/ngyr4jfcnjycva
Details Url 1 
https://yadi.sk/d/zcbamw973zq5t3
Details Url 1 
https://yadi.sk/d/zy1qw7rrcflmoq
Details Url 1 
http://2no.co/1ajz97
Details Url 1 
http://2no.co/1amc97
Details Url 1 
http://2no.co/1lan77
Details Url 1 
http://ioad.pw/ioad.exe
Details Url 1 
http://ioad.pw/v.sct
Details Url 1 
http://iplogger.co/1h9pn6.html
Details Url 1 
http://iplogger.org/1amc97
Details Url 1 
http://kr1s.ru/doc.dat
Details Url 1 
http://kr1s.ru/java.dat
Details Url 1 
http://kr1s.ru/tess.html
Details Url 1 
http://u.f321y.com/buff2.dat
Details Url 1 
http://u.f321y.com/dhelper.dat
Details Url 1 
http://u.f321y.com/oneplus.dat
Details Url 1 
http://u.f321y.com/tess.html
Details Url 1 
http://u.f321y.com/vid.dat
Details Url 1 
http://zcop[]].ru/java12.dat
Details Url 1 
https://disk.yandex.ru/d/ngyr4jfcnjycva