Vawtrak and UrlZone Banking Trojans Target Japan | Proofpoint US
Tags
Common Information
| Type | Value |
|---|---|
| UUID | d3c5e5a9-bec2-455b-928e-0314c1843331 |
| Fingerprint | 61b941b90c67bece |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 5, 2016, 7:15 p.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 13, 2024, 12:45 a.m. |
| Headline | Vawtrak and UrlZone Banking Trojans Target Japan |
| Title | Vawtrak and UrlZone Banking Trojans Target Japan | Proofpoint US |
| Detected Hints/Tags/Attributes | 56/3/98 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | empresas.bankinter.com |
|
| Details | Domain | 1 | www.bancsabadell.com |
|
| Details | Domain | 1 | ww1.sabadellcam.com |
|
| Details | Domain | 1 | ww1.sabadellurquijo.com |
|
| Details | Domain | 1 | www.ruralvia.com |
|
| Details | Domain | 1 | smbc.co.jp |
|
| Details | Domain | 1 | ib1.musashinobank.co.jp |
|
| Details | Domain | 1 | ib1.yamagatabank.co.jp |
|
| Details | Domain | 1 | bk.juroku.co.jp |
|
| Details | Domain | 1 | direct.chugin.co.jp |
|
| Details | Domain | 1 | direct.ryugin.co.jp |
|
| Details | Domain | 1 | direct1.82bank.co.jp |
|
| Details | Domain | 1 | ib.daishi-bank.co.jp |
|
| Details | Domain | 1 | ib.hokkokubank.co.jp |
|
| Details | Domain | 1 | www11.ib.shinkin-ib.jp |
|
| Details | Domain | 1 | direct.jabank.jp |
|
| Details | Domain | 1 | parasol.anser.ne.jp |
|
| Details | Domain | 1 | ib.resonabank.co.jp |
|
| Details | Domain | 1 | login.japannetbank.co.jp |
|
| Details | Domain | 1 | ib.tsukubabank.co.jp |
|
| Details | Domain | 1 | ib1.awabank.co.jp |
|
| Details | Domain | 1 | mib.miyagin.co.jp |
|
| Details | Domain | 1 | direct.ib.hirogin.co.jp |
|
| Details | Domain | 1 | ib.miyagin.co.jp |
|
| Details | Domain | 1 | netbk.co.jp |
|
| Details | Domain | 1 | huremoke.net |
|
| Details | Domain | 1 | votehad.su |
|
| Details | Domain | 1 | shardsound.net |
|
| Details | Domain | 1 | kernsmee.ru |
|
| Details | Domain | 1 | masabodhi.com |
|
| Details | Domain | 1 | hwnbv5woeedjffn.com |
|
| Details | Domain | 1 | www.fondazionelanza.it |
|
| Details | Domain | 1 | www.tajjquartet.com |
|
| Details | Domain | 2 | ifree-online.com |
|
| Details | Domain | 1 | begiekee.com |
|
| Details | Domain | 1 | searalihid.com |
|
| Details | Domain | 1 | zofienie.com |
|
| Details | Domain | 1 | deehiesei.com |
|
| Details | Domain | 1 | keanees.com |
|
| Details | Domain | 1 | peazor.com |
|
| Details | Domain | 1 | xeaberal.com |
|
| Details | Domain | 1 | dietoog.com |
|
| Details | Domain | 1 | mafoovoo.com |
|
| Details | Domain | 1 | geeseazei.net |
|
| Details | File | 67 | get.php |
|
| Details | File | 1 | paris.php |
|
| Details | File | 8 | images.php |
|
| Details | File | 24 | news.php |
|
| Details | File | 1 | andoluse.php |
|
| Details | File | 38 | ajax.php |
|
| Details | File | 2 | v3.exe |
|
| Details | File | 1 | akeyb.exe |
|
| Details | File | 55 | payload.exe |
|
| Details | File | 1 | ponik.exe |
|
| Details | md5 | 1 | 272a5ad4a1b97a2ac874d6d3e5fff01d |
|
| Details | md5 | 1 | 2f6421d9a99d75c5d153edda3f1fe5e3 |
|
| Details | md5 | 1 | 9079dae8e107342d8f3747fa74ab8a57 |
|
| Details | md5 | 1 | 7afb9776a27d97b2f43f8de256448072 |
|
| Details | sha256 | 1 | 1a86cf4fb4dcb0e4e3aad41bc039d8302e0fd6f9fabe203efc77e3aec35e2f66 |
|
| Details | sha256 | 2 | 606708c9479e1df26545d469d3d54a0e268f01ad8aa061f6504968c3b1594a0c |
|
| Details | sha256 | 3 | 757f2c62637765cbc8c7b9f5f63ed4ab00f34485f516a66b2a81b4edfb731920 |
|
| Details | sha256 | 1 | ce08a35831f6f5777db6e8fea9bac40808917fec019338ba00285082737611fb |
|
| Details | sha256 | 1 | e90050d963d376c1f75416ebf9bc6ffa2299046f8add1dde6d67752443587411 |
|
| Details | sha256 | 1 | 1d6d7ea0eeec99da1add9e83f672533eeee900dc817018ee6edbf635bb08cf0a |
|
| Details | sha256 | 1 | f3b9815ea4a6c603eafadb26efebec21565deec315ee007d59e92f0f656a90bb |
|
| Details | sha256 | 1 | 15896a44319d18f8486561b078146c30a0ce1cd7e6038f6d614324a39dfc6c28 |
|
| Details | sha256 | 1 | 9f1de72234dcf77ddf25b69df98058a7f9e633f803ddc2720209bb315ef3a04c |
|
| Details | IPv4 | 1 | 5.45.179.179 |
|
| Details | IPv4 | 1 | 91.242.163.74 |
|
| Details | IPv4 | 1 | 5.187.2.19 |
|
| Details | Url | 1 | http://huremoke.net/get.php |
|
| Details | Url | 1 | http://votehad.su/paris.php |
|
| Details | Url | 1 | http://shardsound.net/images.php |
|
| Details | Url | 1 | http://kernsmee.ru/news.php |
|
| Details | Url | 1 | http://masabodhi.com/andoluse.php |
|
| Details | Url | 1 | https://hwnbv5woeedjffn.com |
|
| Details | Url | 1 | http://5.45.179.179/ajax.php |
|
| Details | Url | 1 | http://5.45.179.179/p/ajax.php |
|
| Details | Url | 1 | http://www.fondazionelanza.it/eng/v3.exe |
|
| Details | Url | 1 | http://www.fondazionelanza.it/eng/akeyb.exe |
|
| Details | Url | 1 | http://www.tajjquartet.com/ff/serif/payload.exe |
|
| Details | Url | 1 | http://www.tajjquartet.com/ff/serif/ponik.exe |
|
| Details | Url | 2 | https://ifree-online.com |
|
| Details | Url | 1 | http://begiekee.com/rss/feed/stream |
|
| Details | Url | 1 | http://searalihid.com/rss/feed/stream |
|
| Details | Url | 1 | http://zofienie.com/rss/feed/stream |
|
| Details | Url | 1 | http://deehiesei.com/rss/feed/stream |
|
| Details | Url | 1 | http://keanees.com/rss/feed/stream |
|
| Details | Url | 1 | http://peazor.com/rss/feed/stream |
|
| Details | Url | 1 | http://xeaberal.com/rss/feed/stream |
|
| Details | Url | 1 | http://dietoog.com/rss/feed/stream |
|
| Details | Url | 1 | http://mafoovoo.com/rss/feed/stream |
|
| Details | Url | 1 | http://geeseazei.net/rss/feed/stream |
|
| Details | Url | 1 | http://5.187.2.19/module/272a5ad4a1b97a2ac874d6d3e5fff01d |
|
| Details | Url | 1 | http://5.187.2.19/module/2f6421d9a99d75c5d153edda3f1fe5e3 |
|
| Details | Url | 1 | http://5.187.2.19/module/9079dae8e107342d8f3747fa74ab8a57 |
|
| Details | Url | 1 | http://5.187.2.19/module/7afb9776a27d97b2f43f8de256448072 |
|
| Details | Url | 1 | http://5.187.2.19/upd/28 |