Parasite HTTP RAT cooks up a stew of stealthy tricks | Proofpoint US
Tags
Common Information
| Type | Value |
|---|---|
| UUID | e2de940f-86eb-4598-b758-87eb57a01cf3 |
| Fingerprint | ae18895629b797a3 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 25, 2018, 2:15 p.m. |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 18, 2024, 11:24 a.m. |
| Headline | Parasite HTTP RAT cooks up a stew of stealthy tricks |
| Title | Parasite HTTP RAT cooks up a stew of stealthy tricks | Proofpoint US |
| Detected Hints/Tags/Attributes | 59/1/23 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4131 | github.com |
|
| Details | Domain | 1 | dboxhost.tk |
|
| Details | Domain | 1 | xetrodep.top |
|
| Details | Domain | 1 | jekoslo.space |
|
| Details | Domain | 1 | befrodet.top |
|
| Details | File | 1 | my_cv.doc |
|
| Details | File | 1 | resume_.doc |
|
| Details | File | 1 | cvnew.doc |
|
| Details | File | 17 | cv.doc |
|
| Details | File | 1 | new_resume.doc |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 534 | ntdll.dll |
|
| Details | File | 1 | interrupt_3.cpp |
|
| Details | File | 1 | writewatch.cpp |
|
| Details | File | 1 | bza.exe |
|
| Details | Github username | 6 | lordnoteworthy |
|
| Details | Github username | 2 | spender-sandbox |
|
| Details | sha256 | 1 | 6479a901a17830de31153cb0c9f0f7e8bb9a6c00747423adc4d5ca1b347268dc |
|
| Details | sha256 | 1 | b52706530d7b56599834615357e8bbc1f5bed669001c06830029784eb4669518 |
|
| Details | Url | 1 | https://github.com/lordnoteworthy/al-khaser/blob/master/al-khaser/anti |
|
| Details | Url | 1 | https://github.com/spender-sandbox/cuckoomon-modified/blob/msvc/hook_sleep.c#l122 |
|
| Details | Url | 1 | https://github.com/spender-sandbox/cuckoomon-modified/blob/msvc/hook_thread.c#l232 |
|
| Details | Url | 1 | http://dboxhost.tk/moz/bza.exe |