ioc/Bobik at master · avast/ioc
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Python - T1059.006 |
Common Information
| Type | Value |
|---|---|
| UUID | d6f7f2e8-c753-441b-9158-482956fb8edb |
| Fingerprint | 3042ba72c778ec89 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 5, 2022, midnight |
| Added to db | Jan. 16, 2023, 3:55 p.m. |
| Last updated | Nov. 14, 2024, 7:58 p.m. |
| Headline | Name already in use |
| Title | ioc/Bobik at master · avast/ioc |
| Detected Hints/Tags/Attributes | 12/1/35 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://github.com/avast/ioc/tree/master/Bobik |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 36 | decoded.avast.io |
|
| Details | Domain | 5 | decryptor.py |
|
| Details | Domain | 2 | v9agm8uwtjmz.sytes.net |
|
| Details | Domain | 2 | q7zemy6zc7ptaeks.servehttp.com |
|
| Details | File | 18 | targets.txt |
|
| Details | File | 1 | targets.xlsx |
|
| Details | File | 5 | decryptor.py |
|
| Details | sha256 | 1 | 00fead2e42b663522bfd8de53973b52dce737862b4ed6b965edb547364c64572 |
|
| Details | sha256 | 1 | 01f0c34c6dccbd321a0a91146e8627a8408dd26cb7e7c5164a1d0f2bfeb16316 |
|
| Details | sha256 | 1 | 2a450e29979be9fffec1459861a40c3b61445a47cd544665e86a44ed4fe719c9 |
|
| Details | sha256 | 1 | 59f9e06b0bb5ca296df0b224f8c46982d78f47a1d2d8e536a7792d1b0e8242c4 |
|
| Details | sha256 | 1 | 7256c9d385cbcf130e023380c77feb89e50d206d82ac4f653d2448b88e0499a6 |
|
| Details | sha256 | 1 | 786095166809e6dcdb295f4cea90b877b965fc9b221fb364bfb93f5d5028589c |
|
| Details | sha256 | 1 | 7dad1b3414823ed590acfdd146026b11706c3482247e96952b7c83d1eb7b8ea2 |
|
| Details | sha256 | 1 | 85cb02fdebb021674f8526b4e3a85abba59919b9b185a3ea6237a6ed8927beac |
|
| Details | sha256 | 1 | ad680fc861a68e677da3ace15aaf9bb1736867c9171faf7e1849acc0e9bdd5af |
|
| Details | sha256 | 1 | bab56e71e7d0fd683b14b74d4001697550a93aacb5ce42313a8c32945d33d4bd |
|
| Details | sha256 | 1 | dfe515f26cddf21b3467c2d228b62435baa3deb09d14ce0fec4096d346384e58 |
|
| Details | sha256 | 1 | e8bf07b3c2cb794286aafc7a7fc7070226be36b99b339484564c7743ac4aaec8 |
|
| Details | sha256 | 1 | ee97d9bec755ced951f1e3296c543b3268f8dc8bed70a0007b3a6df4a1fd81f7 |
|
| Details | sha256 | 1 | eebfae33bf2d95084ca01400824d1e921cd51322e45b285146830984c2d45649 |
|
| Details | sha256 | 1 | f2ac8b2c9ef18f47ab6703fd5e84d7fd7edb872fe22f42324d7d8d5e322eb6f2 |
|
| Details | sha256 | 1 | f712178db07cfe487e9c6e0c2d64bbe996ccda8d110a9eaa2e18b5a306c0f45d |
|
| Details | sha256 | 1 | f8dcb9e093781f2081a6deed618bf75484b086bc48ccf7a98fcd27f7cbb6b8fc |
|
| Details | sha256 | 1 | 3d1817e36ad70a58b809e0eb1bd49533397d58bede47cf98fb4bf306c39109df |
|
| Details | sha256 | 1 | 55875b324f86f112adfaad5b5f4b5c3a8028e02a9dd6f6372cedd96a26afb81c |
|
| Details | sha256 | 1 | 4ae750334d6d0ade3f3c8dea1d5d49c277097010d1af9e85910cd4d410ff592e |
|
| Details | sha256 | 1 | ec80e279830d478f169c8232ff0bb21f84f57b1baa920366af0e81fa380f48a4 |
|
| Details | IPv4 | 2 | 77.232.41.206 |
|
| Details | IPv4 | 5 | 2.57.122.82 |
|
| Details | Url | 3 | https://decoded.avast.io/martinchlumecky/bobik |
|
| Details | Url | 1 | http://77.232.41.206/bcaa8752-51ff-4e35-8ef9-4aefbf42b482 |
|
| Details | Url | 1 | http://2.57.122.82/d380f816-7412-400a-9b64-78e35dd51f6e |
|
| Details | Url | 1 | http://v9agm8uwtjmz.sytes.net/d380f816-7412-400a-9b64-78e35dd51f6e/update |
|
| Details | Url | 1 | http://q7zemy6zc7ptaeks.servehttp.com/d380f816-7412-400a-9b64-78e35dd51f6e/update |