HookSpoofer: The Modified Open Source Stealer Bundlers Making the Rounds
Tags
country: Italy
attack-pattern: Data Ip Addresses - T1590.005 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID e628bc56-5397-4b61-94e7-e7340d633c92
Fingerprint a81dc8dacebb22cf
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published March 16, 2023, midnight
Added to db March 16, 2023, 2:54 a.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline HookSpoofer: The Modified Open Source Stealer Bundlers Making the Rounds
Title HookSpoofer: The Modified Open Source Stealer Bundlers Making the Rounds
Detected Hints/Tags/Attributes 51/2/25
Source URLs
Redirection Url
Details Source https://www.uptycs.com/blog/threat-research-hookspoofer
URL Provider
Details Provider Source level domain
Details uptycs.com www.uptycs.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 389 Uptycs Blog https://www.uptycs.com/blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 145 
api.telegram.org
Details Domain 911 
any.run
Details Domain 1 
firefox.ie
Details Domain 51 
battle.net
Details Domain 4 
anonfile.com
Details Domain 4128 
github.com
Details File 5 
2022.rar
Details File 9 
checker.exe
Details File 18 
stub.exe
Details File 3 
dotnetzip.dll
Details File 2 
anonfileapi.dll
Details File 11 
sitemanager.xml
Details File 34 
recentservers.xml
Details File 2127 
cmd.exe
Details Github username 4 
limerboy
Details md5 2 
de90466d983da595e863339c34ee4b6b
Details md5 1 
7FCE055A581C0B116A9679291BF89B7D
Details md5 1 
BD4345C3A7CC6F6E261986E1F5F1E8BC
Details md5 1 
474E0CD6BC1F0FB71BBFFA1AE7DD8E66
Details md5 2 
7fce055a581c0b116a9679291bf89b7d
Details md5 2 
474e0cd6bc1f0fb71bbffa1ae7dd8e66
Details Url 1 
https://raw.githubusercontent.com/limerboy/stormkitty/master/stormkitty/stub/packages/dotnetzip.1.13.8/lib/net40/dotnetzip.dll
Details Url 1 
https://raw.githubusercontent.com/limerboy/stormkitty/master/stormkitty/stub/packages/anonfileapi.1.14.6/lib/net40/anonfileapi.dll
Details Url 1 
https://api.telegram.org/bot6122846074
Details Url 3 
https://github.com/limerboy/stormkitty