Analysis of new active malware: MediaArena – PUA
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Search Engines - T1593.002 Software - T1592.002 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID f89eaa37-2baf-484b-8f72-1dc91938b7ae
Fingerprint cd40c9528827a406
Analysis status DONE
Considered CTI value 2
Text language
Published July 21, 2023, midnight
Added to db June 12, 2023, 5:50 p.m.
Last updated Nov. 13, 2024, 5:37 a.m.
Headline Analysis of new active malware: MediaArena – PUA
Title Analysis of new active malware: MediaArena – PUA
Detected Hints/Tags/Attributes 36/2/16
Source URLs
Redirection Url
Details Source https://northwave-cybersecurity.com/threat-intel-research/analysis-of-new-active-malware-mediaarena-pua
URL Provider
Details Provider Source level domain
Details northwave-cybersecurity.com northwave-cybersecurity.com
Attributes
Details Type #Events CTI Value
Details Domain 3 
goto.searchpoweronline.com
Details Domain 12 
www.pcrisk.com
Details File 3 
pdfpower.exe
Details File 41 
rpcrt4.dll
Details File 31 
newtonsoft.json
Details File 1 
wpfscreenhelper.dll
Details File 1 
lz4.dll
Details sha256 1 
5e1cec9e9011fc96638620a2ca8e08eeaeaea8a28c47fe619082abcc6794aebc
Details sha256 1 
e9fad9727b8a66e6b593d8b416f1c60b692ffc91b72e14bb30c40a1ce9b6a260
Details sha256 3 
e248b01e3ccde76b4d8e8077d4fcb4d0b70e5200bf4e738b45a0bd28fbc2cae6
Details sha256 2 
b624949df8b0e3a6153fdfb730a7c6f4990b6592ee0d922e1788433d276610f3
Details sha256 1 
cd2b9cf8489cca6b357bc2706a68f5a12aeb696380ce7371803d68f08e337630
Details sha256 1 
6d37baeb841bcf6c4935a54f29df049d405df48345014cc12852b814d279d86e
Details IPv4 109 
1.0.0.0
Details Url 1 
https://www.virustotal.com/gui/file/e248b01e3ccde76b4d8e8077d4fcb4d0b70e5200bf4e738b45a0bd28fbc2cae6
Details Url 1 
https://www.pcrisk.com/removal-guides/25081-searchpoweronline-com-browser-hijacker