Malware hosting domain Cyberium fanning out Mirai variants
Tags
cmtmf-attack-pattern: Active Scanning Boot Or Logon Autostart Execution Command And Scripting Interpreter Exploit Public-Facing Application Obfuscated Files Or Information Scheduled Task/Job
maec-delivery-vectors: Watering Hole
attack-pattern: Active Scanning - T1595 Boot Or Logon Autostart Execution - T1547 Botnet - T1583.005 Botnet - T1584.005 Command And Scripting Interpreter - T1623 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Exploit Public-Facing Application - T1377 Exploits - T1587.004 Exploits - T1588.005 Indicator Removal On Host - T1630 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Obfuscated Files Or Information - T1406 Scheduled Task/Job - T1603 Server - T1583.004 Server - T1584.004 Unsecured Credentials - T1552 Vulnerabilities - T1588.006 Command-Line Interface - T1059 Exploit Public-Facing Application - T1190 Indicator Removal On Host - T1070 Obfuscated Files Or Information - T1027 Scheduled Task - T1053 Default Credentials Exploit Public-Facing Application Indicator Removal On Host
Show in Graph
Common Information
Type Value
UUID e531759a-0f32-41e7-b972-92fc5a59d823
Fingerprint 849c8d93a9b40780
Analysis status DONE
Considered CTI value 2
Text language
Published May 21, 2022, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 6:56 p.m.
Headline Malware hosting domain Cyberium fanning out Mirai variants
Title Malware hosting domain Cyberium fanning out Mirai variants
Detected Hints/Tags/Attributes 91/3/43
Source URLs
Redirection Url
Details Source https://cybersecurity.att.com/blogs/labs-research/malware-hosting-domain-cyberium-fanning-out-mirai-variants
URL Provider
Details Provider Source level domain
Details att.com cybersecurity.att.com
Attributes
Details Type #Events CTI Value
Details CVE 11 
cve-2020-10987
Details CVE 72 
cve-2017-17215
Details CVE 73 
cve-2014-8361
Details CVE 3 
cve-2017-16725
Details Domain 1 
dns.cyberium.cc
Details Domain 1 
cyberium.cc
Details Domain 1 
snoopy.cyberium.cc
Details Domain 1 
gcc.cyberium.cc
Details Domain 2 
park.cyberium.cc
Details Domain 1 
hoon.cyberium.cc
Details Domain 2 
hh.cyberium.cc
Details Domain 2 
wo.cyberium.cc
Details Domain 1 
ns.cyberium.cc
Details Domain 1 
tmp.cyberium.cc
Details Domain 1 
ftp.cyberium.cc
Details Domain 1 
ddns.cyberium.cc
Details Domain 1 
park.allcheesedout.cc
Details Domain 2 
ratatouille.allcheesedout.cc
Details Domain 1 
watchdog.allcheesedout.cc
Details Domain 1 
bot.bigbots.cc
Details Domain 1 
cnc.bigbots.cc
Details Domain 1 
cnc1.bigbots.cc
Details Domain 1 
cnc.fewbots.cc
Details Domain 1 
bot.fewbots.cc
Details Domain 1 
cnc.hardbotz.cc
Details Domain 1 
projectaliennet.cc
Details Domain 1 
life.zerobytes.cc
Details Domain 1 
bin.rippr.cc
Details Domain 38 
blog.netlab.360.com
Details Domain 141 
research.checkpoint.com
Details Domain 40 
exploit-db.com
Details md5 1 
fbdc24f589e99088cec5fc77257c81f3
Details md5 1 
78ecbd418cac0a1af9feb860fceae2f9
Details md5 1 
14c629f43d3e05615ea1b25d3e4aa1fa
Details md5 1 
555821a5f67d064362e8ce9a48b95d56
Details MITRE ATT&CK Techniques 36 
T1595
Details MITRE ATT&CK Techniques 542 
T1190
Details MITRE ATT&CK Techniques 695 
T1059
Details MITRE ATT&CK Techniques 480 
T1053
Details MITRE ATT&CK Techniques 207 
T1547
Details MITRE ATT&CK Techniques 627 
T1027
Details MITRE ATT&CK Techniques 247 
T1070
Details MITRE ATT&CK Techniques 113 
T1552