Anomali Cyber Watch: Emotet Added Two New Modules, LofyGang Distributed 200 Malicious Packages, Bumblebee Loader Expanded Its Reach, and More
Tags
cmtmf-attack-pattern: Boot Or Logon Autostart Execution Command And Scripting Interpreter Masquerading Obfuscated Files Or Information Supply Chain Compromise
country: Brazil China
attack-pattern: Data Archive Collected Data - T1560 Archive Collected Data - T1532 Boot Or Logon Autostart Execution - T1547 Botnet - T1583.005 Botnet - T1584.005 Command And Scripting Interpreter - T1623 Credentials - T1589.001 Credentials From Password Stores - T1555 Data Encrypted For Impact - T1471 Data Encrypted For Impact - T1486 Encrypted Channel - T1521 Encrypted Channel - T1573 Exfiltration Over C2 Channel - T1646 Exfiltration Over Web Service - T1567 File And Directory Discovery - T1420 Ingress Tool Transfer - T1544 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Obfuscated Files Or Information - T1406 System Information Discovery - T1426 Powershell - T1059.001 Software - T1592.002 Software Packing - T1027.002 Software Packing - T1406.002 Supply Chain Compromise - T1474 Command-Line Interface - T1059 Connection Proxy - T1090 Data From Network Shared Drive - T1039 Deobfuscate/Decode Files Or Information - T1140 Email Collection - T1114 Exfiltration Over Command And Control Channel - T1041 File And Directory Discovery - T1083 Remote File Copy - T1105 Masquerading - T1036 Obfuscated Files Or Information - T1027 Powershell - T1086 Scripting - T1064 Signed Binary Proxy Execution - T1218 Signed Script Proxy Execution - T1216 Software Packing - T1045 Supply Chain Compromise - T1195 System Information Discovery - T1082 User Execution - T1204 Masquerading Scripting Supply Chain Compromise User Execution
Common Information
Type Value
UUID e07d42c3-9cd6-41cf-aafd-e7b8bab2a77c
Fingerprint cf45100367d34f03
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 12, 2022, midnight
Added to db Oct. 13, 2022, 7:41 a.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Anomali Cyber Watch: Emotet Added Two New Modules, LofyGang Distributed 200 Malicious Packages, Bumblebee Loader Expanded Its Reach, and More
Title Anomali Cyber Watch: Emotet Added Two New Modules, LofyGang Distributed 200 Malicious Packages, Bumblebee Loader Expanded Its Reach, and More
Detected Hints/Tags/Attributes 116/3/24
Attributes
Type #Events CTI Value
Domain 9 repl.it
File 9 jpg.exe
MITRE ATT&CK Techniques 627 T1027
MITRE ATT&CK Techniques 504 T1140
MITRE ATT&CK Techniques 492 T1105
MITRE ATT&CK Techniques 121 T1218
MITRE ATT&CK Techniques 12 T1216
MITRE ATT&CK Techniques 163 T1573
MITRE ATT&CK Techniques 422 T1041
MITRE ATT&CK Techniques 172 T1555
MITRE ATT&CK Techniques 89 T1114
MITRE ATT&CK Techniques 420 T1204
MITRE ATT&CK Techniques 52 T1195
MITRE ATT&CK Techniques 695 T1059
MITRE ATT&CK Techniques 80 T1064
MITRE ATT&CK Techniques 207 T1547
MITRE ATT&CK Techniques 29 T1045
MITRE ATT&CK Techniques 348 T1036
MITRE ATT&CK Techniques 1006 T1082
MITRE ATT&CK Techniques 585 T1083
MITRE ATT&CK Techniques 472 T1486
MITRE ATT&CK Techniques 157 T1560
MITRE ATT&CK Techniques 67 T1039
MITRE ATT&CK Techniques 126 T1567