ioc[.]one - OSINT Cyber Threat Intelligence Database

ShadowPad in corporate networks

Tags

country:	Hong Kong South Korea Laos United States Of America
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Dns Server - T1583.002 Dns Server - T1584.002 Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	e1d7f2c6-c3be-4648-983a-b48e6d581dbd
Fingerprint	25811d59ac1e2d9d
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 15, 2017, 6 p.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Oct. 22, 2024, 8:42 p.m.
Headline	ShadowPad in corporate networks
Title	ShadowPad in corporate networks
Detected Hints/Tags/Attributes	65/2/34

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/shadowpad-in-corporate-networks/81432/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	Value
Details	Domain	2	nylalobghyhirgh.com
Details	Domain	2	www.netsarang.com
Details	Domain	338	kaspersky.com
Details	Domain	1	ribotqtonut.com
Details	Domain	1	jkvmdmjyfcvkf.com
Details	Domain	1	bafyvoruzgjitwr.com
Details	Domain	1	xmponmzmxkxkh.com
Details	Domain	1	tczafklirkl.com
Details	Domain	3	notped.com
Details	Domain	3	dnsgogle.com
Details	Domain	2	operatingbox.com
Details	Domain	3	paniesx.com
Details	Domain	3	techniciantext.com
Details	Email	147	intelreports@kaspersky.com
Details	File	3	nssock2.dll
Details	File	2	security_exploit_in_july_18_2017_build.html
Details	File	1	xme5.exe
Details	File	1	xmgr5.exe
Details	File	1	xshell5.exe
Details	File	1	xftp5.exe
Details	File	1	xlpd5.exe
Details	md5	1	0009f4b9972660eeb23ff3a9dccd8d86
Details	md5	1	b69ab19614ef15aa75baf26c869c9cdd
Details	md5	1	b2c302537ce8fbbcff0d45968cc0a826
Details	md5	1	78321ad1deefce193c8172ec982ddad1
Details	md5	1	28228f337fdbe3ab34316a7132123c49
Details	md5	3	97363d50a279492fda14cbab53429e75
Details	md5	1	ef0af7231360967c08efbdd2a94f9808
Details	sha1	1	12180ff028c1c38d99e8375dd6d01f47f6711b97
Details	sha1	1	35c9dae68c129ebb7e7f65511b3a804ddbe4cf1d
Details	sha1	1	7cf07efe04fe0012ed8beaa2dec5420a9b5561d6
Details	sha1	1	08a67be4a4c5629ac3d12f0fdd1efc20aa4bdb2b
Details	sha1	1	3d69fdd4e29ad65799be33ae812fe278b2b2dabe
Details	Url	1	https://www.netsarang.com/news/security_exploit_in_july_18_2017_build.html