A Variant of the APC-Injection Gamarue Malware | CTF导航
Tags
attack-pattern: Software - T1592.002
Common Information
Type Value
UUID f67de3a6-5341-4d25-9775-e99b62283060
Fingerprint 39dc622d66ede453
Analysis status DONE
Considered CTI value -2
Text language
Published Oct. 5, 2024, midnight
Added to db Oct. 28, 2024, 12:01 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline A Variant of the APC-Injection Gamarue Malware
Title A Variant of the APC-Injection Gamarue Malware | CTF导航
Detected Hints/Tags/Attributes 7/1/35
Source URLs
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 426 CTF导航 https://www.ctfiot.com/feed 2024-08-30 22:08
Attributes