UNKNOWN
Common Information
Type Value
UUID cf2fc17f-17ae-4ce7-9cd0-023eaa500500
Fingerprint 75188672f9f010c1
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published None
Added to db Dec. 20, 2024, 9:20 a.m.
Last updated Dec. 21, 2024, 4:25 a.m.
Headline UNKNOWN
Title UNKNOWN
Detected Hints/Tags/Attributes 20/1/62
Source URLs
Attributes
Details Type #Events CTI Value
https://blog.radware.com/security/botnets/2020/05/whos-viktor-tracking-down-the-xtc-polaris-botnets
Details Url 1
https://blog.netlab.360.com/the-leethozer-botnet-en
Details Url 1
https://www.exploit-db.com/exploits/48225
Details Url 1
https://blog.netlab.360.com/multiple-botnets-are-spreading-using-lilin-dvr-0-day
Details Url 1
https://habr.com/en/post/486856