Exploring AsyncRAT and Infostealer Plugin Delivery Through Phishing…
Common Information
Type Value
UUID e326a7b9-0903-4fa8-a835-dde3ef63d696
Fingerprint 28a20c91be375b8d
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 29, 2024, midnight
Added to db Oct. 3, 2024, 10:44 a.m.
Last updated Nov. 5, 2024, 3:23 p.m.
Headline Exploring AsyncRAT and Infostealer Plugin Delivery Through Phishing Emails
Title Exploring AsyncRAT and Infostealer Plugin Delivery Through Phishing…
Detected Hints/Tags/Attributes 62/3/27
Attributes
Details Type #Events CTI Value
Details CVE 49
cve-2024-45519
Details CVE 53
cve-2024-29847
Details Domain 1
bktpnecuahtazdbo.zip
Details File 1
uzopuzbkrpcziwca.txt
Details File 1
laodpuuqwxlvfvqt.jpg
Details File 1
bktpnecuahtazdbo.zip
Details File 1
iruahckdfafdchuv.vbs
Details File 1
ceiuludezfcevsmm.bat
Details File 1
c:\users\public\yxrpnpsmgcobeurv.ps1
Details File 1
yxrpnpsmgcobeurv.ps1
Details File 1
c:\users\public\wcqcmxnsfchwesfw.vbs
Details File 1
wcqcmxnsfchwesfw.vbs
Details File 1
c:\users\public\wjviqqfzmzlsztjj.bat
Details File 1
wjviqqfzmzlsztjj.bat
Details File 1
nbubmhczjlejxgvw.ps1
Details File 1
newpe2.dll
Details File 103
regasm.exe
Details IPv4 1
104.243.37.35
Details Url 1
http://104.243.37.35:222/bfbupdeuiterborm/uzopuzbkrpcziwca.txt