ioc[.]one - OSINT Cyber Threat Intelligence Database

JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan

Tags

country:	Belarus Switzerland China Germany Hong Kong Italy Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Javascript - T1059.007 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Network Security Appliances - T1590.006 Powershell - T1059.001 Private Keys - T1552.004 Python - T1059.006 Server - T1583.004 Server - T1584.004 Visual Basic - T1059.005 Tool - T1588.002 Powershell - T1086 Private Keys - T1145

Show in Graph

Common Information

Type	Value
UUID	e451280c-acc0-468a-9f3f-2f42fea645f5
Fingerprint	ae8489db81348bc3
Analysis status	DONE
Considered CTI value	0
Text language
Published	April 25, 2019, 11 a.m.
Added to db	Sept. 26, 2022, 9:33 a.m.
Last updated	Nov. 14, 2024, 2:04 p.m.
Headline	Vulnerability Information
Title	JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan
Detected Hints/Tags/Attributes	97/3/17

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2019/04/jasperloader-targets-italy.html
Details	Source	https://blog.talosintelligence.com/2019/04/jasperloader-targets-italy.html?m=1

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		cdn.zaczvk.pl
Details	Domain	1		cloud.diminishedvaluecalifornia.com
Details	Domain	904		snort.org
Details	File	2		loadercrypt_823ef8a810513a4071485c36ddad4cc3.php
Details	File	1		ess-illustrations-v006-meineersterechnung-fn-sg.png
Details	File	1		%temp%\searchie32.js
Details	File	1		%temp%\illustrations5543.png
Details	File	1		%temp%\adobear.exe
Details	File	1		crypt0dd1d2637fdb71097213d70b94e86930.php
Details	File	1		%temp%\searchie32.txt
Details	File	1		searchie32.txt
Details	sha256	1		dc78dbd42216fdb64c1e40c6f7a2fad92921f70c40446d62eb1873d6b77ee04c
Details	Url	1		http://cdn.zaczvk.pl/loadercrypt_823ef8a810513a4071485c36ddad4cc3.php?vid=
Details	Url	1		https://www.telekom.de/resources/images/130468/ess-illustrations-v006-meineersterechnung-fn-sg.png
Details	Url	1		http://cloud.diminishedvaluecalifornia.com/501?dwgvhgc
Details	Url	1		http://cdn.zaczvk.pl/crypt0dd1d2637fdb71097213d70b94e86930.php
Details	Url	1		http://cdn.zaczvk.pl/loadercrypt_823ef8a810513a4071485c36ddad4cc3.php