Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities
Tags
cmtmf-attack-pattern: Masquerading
country: U.S. Virgin Islands
attack-pattern: Data Artificial Intelligence - T1588.007 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Masquerading - T1036 Scripting - T1064 Masquerading Scripting
Show in Graph
Common Information
Type Value
UUID f5795581-4eba-400e-a993-42e3415af1d7
Fingerprint 21161bc703b755f3
Analysis status DONE
Considered CTI value 0
Text language
Published July 21, 2023, 5:40 p.m.
Added to db July 21, 2023, 2:29 p.m.
Last updated Dec. 21, 2024, 3:22 a.m.
Headline Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities
Title Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities
Detected Hints/Tags/Attributes 39/3/11
Source URLs
Redirection Url
Details Source https://thehackernews.com/2023/07/sophisticated-bundlebot-malware.html
Details Source https://thehackernews.com/2023/07/sophisticated-bundlebot-malware.html?&web_view=true
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 99 Cyware News - Latest Cyber News https://cyware.com/allnews/feed 2024-08-30 22:08
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 359 
www.facebook.com
Details File 2 
google_ai.rar
Details File 2 
googleai.exe
Details File 2 
googleai.dll
Details File 21 
3.zip
Details File 4 
riotclientservices.exe
Details File 2 
riotclientservices.dll
Details File 2 
lirarysharing.dll
Details File 289 
chrome.exe
Details IPv4 15 
1.0.0.3
Details Url 2 
https://www.facebook.com/business/tools/ads-manager