Tools used by the Uroburos actors - PDF Free Download
Common Information
Type Value
UUID cf7428d5-b840-4f69-90df-c24cce3bb479
Fingerprint e79740444776a70f
Analysis status DONE
Considered CTI value 0
Text language
Published July 31, 2014, midnight
Added to db Sept. 26, 2022, 9:32 a.m.
Last updated Nov. 18, 2024, 3:36 a.m.
Headline Tools used by the Uroburos actors
Title Tools used by the Uroburos actors - PDF Free Download
Detected Hints/Tags/Attributes 219/3/83
Attributes