2024-09-19 X-WORM RAT (Phishing) Samples
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | dcb46796-0ed0-4082-9178-b533ef8d5d02 |
| Fingerprint | c8119c98f3d3dcf |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 13, 2024, 12:41 a.m. |
| Added to db | Sept. 13, 2024, 2:52 a.m. |
| Last updated | Nov. 12, 2024, 4:57 a.m. |
| Headline | 2024-09-19 X-WORM RAT (Phishing) Samples |
| Title | 2024-09-19 X-WORM RAT (Phishing) Samples |
| Detected Hints/Tags/Attributes | 18/2/14 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://malware.news/t/2024-09-19-x-worm-rat-phishing-samples/86334 |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 158 | ✔ | Malware Analysis, News and Indicators - Latest topics | https://malware.news/latest.rss | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 8 | svchost.com |
|
| Details | Domain | 2 | cyberdon1.duckdns.org |
|
| Details | Domain | 1 | ec7e0bf7036f03786789b6cb58d01c84733fc3a865974c79edf68cba25ff9891.itinerary.doc.zip |
|
| Details | Domain | 36 | contagiodump.blogspot.com |
|
| Details | Domain | 19 | contagiominidump.blogspot.com |
|
| Details | File | 3 | itinerary.doc |
|
| Details | File | 3 | _.zip |
|
| Details | File | 2 | output4.bat |
|
| Details | File | 1 | zbwwhqnzii.exe |
|
| Details | File | 1 | hpfqjgrkis.exe |
|
| Details | File | 6 | zip.exe |
|
| Details | sha256 | 1 | 1893afc228afedb18b743176cbd3f0e4adb31fee7982252a4dc6180a6fb83451 |
|
| Details | sha256 | 1 | ec7351c49098d55c332f9c5b0b4c51ffe804dd5780fc954006efcf2aeef91b7f |
|
| Details | sha256 | 2 | ec7e0bf7036f03786789b6cb58d01c84733fc3a865974c79edf68cba25ff9891 |