ioc[.]one - OSINT Cyber Threat Intelligence Database

Sept 21 Greedy Shylock - financial malware

Tags

country:	Ukraine
attack-pattern:	Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	cff437cf-e08a-45b3-9549-ef0d01f8eddd
Fingerprint	df1e08e34ef18487
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 13, 2011, 6:44 a.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Oct. 1, 2024, 2:58 p.m.
Headline	UNKNOWN
Title	Sept 21 Greedy Shylock - financial malware
Detected Hints/Tags/Attributes	34/2/50

Source URLs

	Redirection	Url
Details	Source	http://contagiodump.blogspot.com/2011/09/sept-21-greedy-shylock-financial.html

URL Provider

Details	Provider	Source level domain
Details	blogspot.com	contagiodump.blogspot.com

Attributes

Details	Type	#Events	Value
Details	Domain	22	www.threatexpert.com
Details	Domain	6	suspicious.cloud
Details	Domain	3	article.gmane.org
Details	Domain	2	gmane.comp.security
Details	Domain	1	nw-serv.cc
Details	Domain	1	m-sservices.at
Details	Domain	1	webhelper.at
Details	Domain	1	globstorage.at
Details	Domain	1	additional-group.at
Details	File	19	report.aspx
Details	File	63	report.html
Details	File	1	client.html
Details	md5	1	4fda5e7e8e682870e993f97ad26ba6b2
Details	md5	1	bae400baf6760a1646cd44e348eea0f7
Details	md5	1	742cfd2be5d44fa072802bd4b031e818
Details	md5	1	1fd7cf2405ae599c1a91fe75912d18ff
Details	md5	1	d74f5f045c4b0f1d61746ded3a2a152e
Details	md5	1	fe17c2cddffd731ee6a34457121c6b20
Details	md5	1	a8ff900f5f3134a1f04d9217ab2d5dd0
Details	md5	1	715fb3cef70458b857bd55a0259a1265
Details	md5	1	5571be9c7b0d2e950bada71e72984e7a
Details	md5	1	72ace5e603bb4a5e2d8ef4434dc31417
Details	md5	1	9a8657a61daeafd7053017103ab53cd6
Details	md5	1	F7EDFF31835DA5E7D15FBB89508295D8
Details	md5	1	E1FF6F6D1B5467E5612AB36CD323A568
Details	md5	1	4FDA5E7E8E682870E993F97AD26BA6B2
Details	sha1	1	d1b17c351bafc899ba14c84e09b5cc258a2195bf
Details	sha256	1	4c71d1e15287d7a90b0526c23dbe21400a65fe683eb75e88368696f1aa24ac21
Details	IPv4	7	111.2.0.82
Details	IPv4	1	7.11.15.3
Details	IPv4	8	5.1.0.11
Details	IPv4	7	3.1.1.107
Details	IPv4	19	10.0.3.5
Details	IPv4	10	8.0.0.5
Details	IPv4	11	6.7.0.1
Details	IPv4	9	3.12.16.4
Details	IPv4	1	14.0.225.0
Details	IPv4	1	91.223.180.66
Details	IPv4	1	92.60.177.233
Details	IPv4	1	92.60.177.235
Details	IPv4	1	92.60.177.230
Details	IPv4	1	93.190.45.75
Details	Url	1	http://www.threatexpert.com/report.aspx?md5=4fda5e7e8e682870e993f97ad26ba6b2
Details	Url	1	http://www.virustotal.com/file-scan/report.html?id=4c71d1e15287d7a90b0526c23dbe21400a65fe683eb75e88368696f1aa24ac21
Details	Url	1	http://article.gmane.org/gmane.comp.security.ids.snort.emerging
Details	Url	1	http://nw-serv.cc/client.html
Details	Url	1	http://m-sservices.at/client.html
Details	Url	1	http://webhelper.at/client.html
Details	Url	1	http://globstorage.at/client.html
Details	Url	1	http://additional-group.at/client.html