Rewterz Threat Alert – Malspam campaign dropping LokiBot Malware - Rewterz
Common Information
Type Value
UUID e84264ea-c1da-454d-9188-bd145e431048
Fingerprint 85d4ac417d5dee4b
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 4, 2019, 5:34 p.m.
Added to db Dec. 19, 2024, 3:35 a.m.
Last updated Dec. 19, 2024, 10:50 a.m.
Headline Rewterz Threat Alert – Malspam campaign dropping LokiBot Malware
Title Rewterz Threat Alert – Malspam campaign dropping LokiBot Malware - Rewterz
Detected Hints/Tags/Attributes 11/1/18
Attributes
Details Type #Events CTI Value
Details CVE 68
cve-2018-15982
Details CVE 4
cve-2018-19725
Details CVE 4
cve-2018-16011
Details Domain 1
admin.snzadm.ru
Details Domain 1
impactspur.com
Details Email 1
adib@impactspur.com
Details File 83
fre.php
Details IPv4 1
213.183.51.235
Details Url 1
http://admin.snzadm.ru/js/?cliente=
Details Url 1
http://213.183.51.235/lawd/panel/fre.php