Inside Jahoo (Otlard.A ?) - A spam Botnet
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Botnet - T1583.005 Botnet - T1584.005 Control Panel - T1218.002 Domains - T1583.001 Domains - T1584.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | e1d5e1a3-7b1f-431e-b1ae-6f19c3037905 |
| Fingerprint | e02b891c09159eeb |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 5, 2035, midnight |
| Added to db | Jan. 18, 2023, 10 p.m. |
| Last updated | Sept. 1, 2024, 5:36 a.m. |
| Headline | MDNC | Malware don't need Coffee |
| Title | Inside Jahoo (Otlard.A ?) - A spam Botnet |
| Detected Hints/Tags/Attributes | 37/2/23 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | llhost-inc.com |
|
| Details | Domain | 1 | zanufact.com |
|
| Details | File | 1 | socker.dll |
|
| Details | md5 | 1 | 55ead0e4010c7c1a601511286f879e33 |
|
| Details | md5 | 1 | ec5d314fc392765d065ff16f21722008 |
|
| Details | md5 | 1 | e600985d6797dec2f7388e86ae3e82ba |
|
| Details | md5 | 1 | a4f08c845cc8e2beae0d157a3624b686 |
|
| Details | md5 | 1 | 37898c10a350651add962831daa4fffa |
|
| Details | md5 | 1 | 24143f110e7492c3d040b2ec0cdfa3d0 |
|
| Details | md5 | 1 | b75f4834770fe64da63e42b8c90c6fcd |
|
| Details | md5 | 1 | 28ceafaef592986e4914bfa3f4c7f5c0 |
|
| Details | md5 | 1 | d0a14abe51a61c727420765f72de843a |
|
| Details | md5 | 1 | 2387fb927e6d9d6c027b4ba23d8c3073 |
|
| Details | md5 | 1 | 7d14c9edfd71d2b76dd18e3681fec798 |
|
| Details | IPv4 | 1 | 5.8.35.241 |
|
| Details | IPv4 | 1 | 5.8.35.0 |
|
| Details | IPv4 | 1 | 5.8.32.10 |
|
| Details | IPv4 | 1 | 5.8.32.8 |
|
| Details | IPv4 | 1 | 5.8.32.52 |
|
| Details | IPv4 | 1 | 5.8.34.20 |
|
| Details | IPv4 | 1 | 5.8.32.53 |
|
| Details | IPv4 | 1 | 5.8.32.56 |
|
| Details | IPv4 | 1 | 5.8.32.0 |