Detecting Malware Disguised as OneNote with Threat Intelligence
Tags
Common Information
| Type | Value |
|---|---|
| UUID | e1a570e3-4795-4718-a4ae-8c3e6219dc5a |
| Fingerprint | a0092ff1c732e7c8 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 23, 2023, midnight |
| Added to db | March 24, 2023, 4:22 a.m. |
| Last updated | Dec. 19, 2024, 6:34 p.m. |
| Headline | UNKNOWN |
| Title | Detecting Malware Disguised as OneNote with Threat Intelligence |
| Detected Hints/Tags/Attributes | 33/1/47 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 163 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 13 | files.catbox.moe |
|
| Details | Domain | 3 | onenotegem.com |
|
| Details | Domain | 74 | transfer.sh |
|
| Details | Domain | 3 | depotejarat.ir |
|
| Details | Domain | 2 | zaminkaran.ir |
|
| Details | Domain | 2 | newtryex.ddns.net |
|
| Details | Domain | 2 | stnicholaschurch.ca |
|
| Details | Domain | 2 | winery.nsupdate.info |
|
| Details | Domain | 2 | su1d.nerdpol.ovh |
|
| Details | Domain | 2 | direct-trojan.com |
|
| Details | Domain | 1 | mgcpakistan.com |
|
| Details | Domain | 2 | plax.duckdns.org |
|
| Details | Domain | 2 | ghcc.duckdns.org |
|
| Details | Domain | 2 | barricks.org |
|
| Details | Domain | 2 | kanaskanas.com |
|
| Details | Domain | 2 | codezian.com |
|
| Details | Domain | 4 | myvigyan.com |
|
| Details | Domain | 1 | tejaratdepoo.ir |
|
| Details | Domain | 1 | ariaevacuation.com |
|
| Details | Domain | 1 | datisairconditioner.com |
|
| Details | Domain | 1 | movieserial2.com |
|
| Details | Domain | 1 | bardia-bardia.com |
|
| Details | Domain | 1 | 2ndspreading1.ddns.net |
|
| Details | Domain | 1 | alphatradecapitals.com |
|
| Details | Domain | 1 | ariya-sanaat.ir |
|
| Details | Domain | 1 | ayot.ir |
|
| Details | Domain | 1 | beholdchk.com |
|
| Details | Domain | 1 | billionairedollarboys.com |
|
| Details | Domain | 1 | capitalglobetrust.com |
|
| Details | Domain | 1 | caricool.uk |
|
| Details | Domain | 1 | dronecammera.com |
|
| Details | Domain | 45 | byipv4.global |
|
| Details | IPv4 | 3 | 209.126.83.213 |
|
| Details | IPv4 | 2 | 3.101.39.145 |
|
| Details | IPv4 | 2 | 54.151.95.132 |
|
| Details | IPv4 | 2 | 154.12.234.207 |
|
| Details | IPv4 | 2 | 45.133.174.122 |
|
| Details | IPv4 | 2 | 154.12.250.38 |
|
| Details | IPv4 | 5 | 172.245.45.213 |
|
| Details | IPv4 | 2 | 198.23.172.90 |
|
| Details | IPv4 | 5 | 212.193.30.230 |
|
| Details | IPv4 | 2 | 179.43.187.241 |
|
| Details | IPv4 | 2 | 109.107.179.248 |
|
| Details | IPv4 | 2 | 209.126.2.34 |
|
| Details | IPv4 | 2 | 95.216.102.32 |
|
| Details | IPv4 | 1 | 107.160.74.134 |
|
| Details | IPv4 | 2 | 95.216.33.194 |