Malware-Traffic-Analysis.net - 2015-06-15 - Angler EK from 46.4.235.3 sends Bedep
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | f4e13af6-5a01-4a90-8ac0-4ce29ba14557 |
| Fingerprint | 25f36929e42216d2 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 15, 2015, midnight |
| Added to db | Jan. 19, 2023, 12:13 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | UNKNOWN |
| Title | Malware-Traffic-Analysis.net - 2015-06-15 - Angler EK from 46.4.235.3 sends Bedep |
| Detected Hints/Tags/Attributes | 17/1/47 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://www.malware-traffic-analysis.net/2015/06/15/index.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | 2015-06-15-angler-ek-traffic.pcap.zip |
|
| Details | Domain | 1 | 2015-06-15-angler-ek-malware-and-artifacts.zip |
|
| Details | Domain | 1 | pyhnen.mistresseve.com |
|
| Details | Domain | 1 | ijyminllbfsuice46.com |
|
| Details | Domain | 1 | tebemqyscaglxtb.com |
|
| Details | Domain | 1 | will.merchantprospect.com |
|
| Details | Domain | 1 | mouyrate.com |
|
| Details | Domain | 1 | jerorefest.com |
|
| Details | Domain | 1 | neoplanset.com |
|
| Details | Domain | 1 | gregsomebore.com |
|
| Details | Domain | 1 | jertadopoeremo.com |
|
| Details | Domain | 1 | www.earthtools.org |
|
| Details | Domain | 3 | www.ecb.europa.eu |
|
| Details | Domain | 88 | malware-traffic-analysis.net |
|
| Details | 2 | admin@malware-traffic-analysis.net |
||
| Details | File | 38 | pcap.zip |
|
| Details | File | 1 | 2015-06-15-angler-ek-malware-and-artifacts.zip |
|
| Details | File | 1 | 2015-06-15-angler-ek-landing-page.txt |
|
| Details | File | 2 | twain_32.dll |
|
| Details | File | 1 | eurofxref-hist-90d.xml |
|
| Details | File | 7 | blog.php |
|
| Details | File | 6 | asset.php |
|
| Details | File | 1 | database_error_message.html |
|
| Details | File | 24 | news.php |
|
| Details | File | 1 | memberlist.php |
|
| Details | File | 1206 | index.php |
|
| Details | File | 1 | class_blog_entry.php |
|
| Details | File | 4 | ads.php |
|
| Details | File | 3 | j.php |
|
| Details | md5 | 1 | f41f10b91f447d325ea1bc1b80e26ebd |
|
| Details | md5 | 1 | cf1132c904c52895cda76fa365265de4 |
|
| Details | md5 | 1 | 1a4468a7b2a7027e87fb8029e73f7951 |
|
| Details | sha256 | 1 | f540018e28a0a7ce4b8a8f391d4e84bf9951d650f7d277e724694baded13e5a1 |
|
| Details | IPv4 | 1 | 46.4.235.3 |
|
| Details | IPv4 | 1 | 95.211.230.75 |
|
| Details | IPv4 | 1 | 162.244.33.102 |
|
| Details | IPv4 | 1 | 94.242.198.218 |
|
| Details | IPv4 | 1 | 162.244.34.140 |
|
| Details | IPv4 | 1 | 95.211.202.33 |
|
| Details | IPv4 | 1 | 209.133.193.98 |
|
| Details | IPv4 | 1 | 46.45.137.77 |
|
| Details | IPv4 | 1 | 162.244.34.39 |
|
| Details | Windows Registry Key | 21 | HKEY_CLASSES_ROOT\CLSID |
|
| Details | Windows Registry Key | 9 | HKEY_CURRENT_USER\Software\Classes\CLSID |
|
| Details | Windows Registry Key | 12 | HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID |
|
| Details | Windows Registry Key | 1 | HKEY_USERS\S-1-5-21-970660591-2671040492-1938035795-1000\Sofware\Classes\CLSID |
|
| Details | Windows Registry Key | 1 | HKEY_USERS\S-1-5-21-970660591-2671040492-1938035795-1000_Classes\CLSID |