Mapping out AridViper Infrastructure Using Recon’s Malware Module
Tags
| country: | Chad |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Whois - T1596.002 |
Common Information
| Type | Value |
|---|---|
| UUID | d6987752-df2a-4c15-bdb9-a09f94026475 |
| Fingerprint | ba608793cbfa23cf |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 16, 2020, 2:56 p.m. |
| Added to db | Jan. 16, 2023, 4:58 p.m. |
| Last updated | Nov. 17, 2024, 6:30 p.m. |
| Headline | Mapping out AridViper Infrastructure Using Recon’s Malware Module |
| Title | Mapping out AridViper Infrastructure Using Recon’s Malware Module |
| Detected Hints/Tags/Attributes | 30/3/78 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | judystevenson.info |
|
| Details | Domain | 4 | escanor.live |
|
| Details | Domain | 3 | jaime-martinez.info |
|
| Details | Domain | 4 | krasil-anthony.icu |
|
| Details | Domain | 6 | nicoledotson.icu |
|
| Details | Domain | 4 | ruthgreenrtg.live |
|
| Details | Domain | 2 | benyallen.club |
|
| Details | Domain | 3 | chad-jessie.info |
|
| Details | Domain | 454 | www.google.com |
|
| Details | Domain | 1 | jack-fruit.club |
|
| Details | Domain | 2 | lordblackwood.club |
|
| Details | Domain | 1 | angeladeloney.info |
|
| Details | Domain | 3 | overingtonray.info |
|
| Details | Domain | 3 | camilleoconnell.website |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 141 | research.checkpoint.com |
|
| Details | File | 1 | c:\programdata\guid.bin |
|
| Details | File | 12 | bot.html |
|
| Details | md5 | 2 | faff57734fe08af63e90c0492b4a9a56 |
|
| Details | md5 | 2 | 6e2d058c3508694a392194dbb6e9fe44 |
|
| Details | md5 | 3 | 835f86e1e83a3da25c715e89db5355cc |
|
| Details | md5 | 3 | 89e9823013f711d384824d8461cc425d |
|
| Details | md5 | 2 | 94a5e595be051b9250e678de1ff927ac |
|
| Details | md5 | 3 | ae0b53e6b378bf74e1dd2973d604be55 |
|
| Details | md5 | 3 | c27f925a7c424c0f5125a681a9c44607 |
|
| Details | md5 | 3 | f5bac4d2de2eb1f8007f68c77bfa460e |
|
| Details | md5 | 2 | f93faca357f9a8041a377ca913888565 |
|
| Details | md5 | 1 | 1eb1923e959490ee9f67687c7faec697 |
|
| Details | md5 | 1 | 20d21c75b92be3cfcd5f69a3ef1deed2 |
|
| Details | md5 | 1 | 3296b51479c7540331233f47ed7c38dd |
|
| Details | md5 | 1 | 471313cb47c6165ec74088fafb9a5545 |
|
| Details | md5 | 1 | 4b96fecd0c6451b30619e6e836fe7ffa |
|
| Details | md5 | 2 | 4d9b6b0e7670dd5919b188cb71d478c0 |
|
| Details | md5 | 1 | 8d50262448d0c174fc30c02e20ca55ff |
|
| Details | md5 | 1 | 90cdf5ab3b741330e5424061c7e4b2e2 |
|
| Details | md5 | 1 | 9bb70dfa2e39be46278fb19764a6149a |
|
| Details | md5 | 1 | 9bc9765f2ed702514f7b14bcf23a79c7 |
|
| Details | md5 | 3 | 9d76d59de0ee91add92c938e3335f27f |
|
| Details | md5 | 1 | a7cf4df8315c62dbebfbfea7553ef749 |
|
| Details | md5 | 1 | c12b3336f5efc8e83fcace6f81b27642 |
|
| Details | md5 | 2 | c4a90110acd78e2de31ad9077aa4eff6 |
|
| Details | md5 | 2 | c7d7ee62e093c84b51d595f4dc56eab1 |
|
| Details | md5 | 2 | e35d13bd8f04853e69ded48cf59827ef |
|
| Details | md5 | 2 | e8effd3ad2069ff8ff6344b85fc12dd6 |
|
| Details | md5 | 1 | edc3b146a5103051b39967246823ca09 |
|
| Details | md5 | 1 | 09cd0da3fb00692e714e251bb3ee6342 |
|
| Details | md5 | 1 | 142a25bb5fd4612c9f6afcaad34fce37 |
|
| Details | md5 | 1 | 46871f3082e2d33f25111a46dfafd0a6 |
|
| Details | md5 | 1 | 758e432ed759013e0d00723c3d2af0c6 |
|
| Details | md5 | 1 | 7fcfb64b1383d0d73f32dbe365fe4fdb |
|
| Details | md5 | 1 | fc5b2c81debf30d251d5220097c2f846 |
|
| Details | md5 | 1 | 221c5982d545b4efb2cbee4e0597d154 |
|
| Details | md5 | 1 | 947fd5f93c44807986f5663a739e0f46 |
|
| Details | md5 | 1 | f65e5bb6e35a3e28c2c878824293d939 |
|
| Details | md5 | 1 | f7a3f14ddbea80a1fe8653a8b71ce4df |
|
| Details | md5 | 1 | 1d815939c4c4df5039185be9506ee88a |
|
| Details | md5 | 2 | 21aa63b42825fb95bf5114419fb42157 |
|
| Details | md5 | 1 | 8b7ad86f74c3fb6d51e7cfb39fdd65be |
|
| Details | md5 | 1 | 2b67b7d14d1479dd7935f326d05a34d2 |
|
| Details | md5 | 1 | 5d8786b378c881f44443eb17940d6af6 |
|
| Details | md5 | 1 | 51e53e55ec7d8af56797a171159d5535 |
|
| Details | IPv4 | 1 | 198.54.114.246 |
|
| Details | IPv4 | 3 | 198.54.117.197 |
|
| Details | IPv4 | 1 | 198.54.116.43 |
|
| Details | IPv4 | 1 | 198.187.29.152 |
|
| Details | IPv4 | 1 | 198.187.29.21 |
|
| Details | IPv4 | 1 | 162.213.253.37 |
|
| Details | IPv4 | 1 | 198.54.115.130 |
|
| Details | IPv4 | 1 | 68.65.122.52 |
|
| Details | IPv4 | 1 | 198.54.116.157 |
|
| Details | IPv4 | 6 | 198.54.117.200 |
|
| Details | IPv4 | 1 | 104.219.248.45 |
|
| Details | IPv4 | 1 | 199.188.200.253 |
|
| Details | IPv4 | 7 | 58.158.177.102 |
|
| Details | Threat Actor Identifier - APT-C | 79 | APT-C-23 |
|
| Details | Url | 12 | http://www.google.com/bot.html |
|
| Details | Url | 1 | https://twitter.com/baoshengbincumt/status/1332186267295961089 |
|
| Details | Url | 3 | https://research.checkpoint.com/2020/hamas-android-malware-on-idf-soldiers-this-is-how-it-happened |