HookAds Campaign Leads to RIG EK at 92.53.104.78
Tags
Common Information
| Type | Value |
|---|---|
| UUID | fd2065a5-8587-49ac-bf9c-2a025d230419 |
| Fingerprint | fba995452eb752c6 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 21, 2017, 1:41 a.m. |
| Added to db | Jan. 18, 2023, 9:59 p.m. |
| Last updated | Nov. 15, 2024, 12:49 a.m. |
| Headline | HookAds Campaign Leads to RIG EK at 92.53.104.78 |
| Title | HookAds Campaign Leads to RIG EK at 92.53.104.78 |
| Detected Hints/Tags/Attributes | 27/2/62 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | milliption.gdn |
|
| Details | Domain | 1 | decipio.gdn |
|
| Details | Domain | 1 | africal.gdn |
|
| Details | Domain | 1 | vessed.gdn |
|
| Details | Domain | 1 | resourdish.gdn |
|
| Details | Domain | 1 | wow1.paramework.xyz |
|
| Details | Domain | 1 | psittan.gdn |
|
| Details | Domain | 1 | wow3.paramework.xyz |
|
| Details | Domain | 1 | wow2.paramework.xyz |
|
| Details | Domain | 1 | coolinin.gdn |
|
| Details | Domain | 1 | procody.gdn |
|
| Details | Domain | 2 | slightfall.gdn |
|
| Details | Domain | 1 | restribe.gdn |
|
| Details | Domain | 27 | seznam.cz |
|
| Details | Domain | 1 | werned.gdn |
|
| Details | Domain | 1 | westponent.gdn |
|
| Details | Domain | 1 | confidely.gdn |
|
| Details | Domain | 1 | elecommon.gdn |
|
| Details | Domain | 1 | cominents.gdn |
|
| Details | Domain | 2 | wallther.gdn |
|
| Details | Domain | 2 | dravitalia.gdn |
|
| Details | Domain | 1 | paltruise.gdn |
|
| Details | Domain | 1 | irritorian.gdn |
|
| Details | Domain | 2 | unexperic.gdn |
|
| Details | Domain | 1 | centuation.gdn |
|
| Details | Domain | 2 | germante.gdn |
|
| Details | Domain | 2 | thousales.gdn |
|
| Details | Domain | 2 | zachael.gdn |
|
| Details | Domain | 2 | chromotor.gdn |
|
| Details | Domain | 2 | wrapsing.gdn |
|
| Details | Domain | 1 | seconquest.gdn |
|
| Details | Domain | 2 | hickenzi.gdn |
|
| Details | Domain | 2 | sidentitis.gdn |
|
| Details | Domain | 2 | concephall.gdn |
|
| Details | Domain | 2 | neveraged.gdn |
|
| Details | Domain | 2 | havenhoek.gdn |
|
| Details | Domain | 2 | dispanic.gdn |
|
| Details | Domain | 2 | discussels.gdn |
|
| Details | Domain | 2 | explosin.gdn |
|
| Details | Domain | 2 | austribach.gdn |
|
| Details | Domain | 2 | rulence.gdn |
|
| Details | Domain | 2 | patteriod.gdn |
|
| Details | Domain | 2 | sebrisburg.gdn |
|
| Details | Domain | 2 | becomple.gdn |
|
| Details | Domain | 2 | entrary.gdn |
|
| Details | Domain | 2 | mormous.gdn |
|
| Details | Domain | 2 | temp.levvi.com |
|
| Details | Domain | 81 | blog.malwarebytes.com |
|
| Details | Domain | 179 | hotmail.com |
|
| Details | 3 | seoboss@seznam.cz |
||
| Details | 2 | whois-protect@hotmail.com |
||
| Details | File | 1 | 06amrddi.exe |
|
| Details | File | 1 | m73hwg6i.exe |
|
| Details | File | 52 | exploit.swf |
|
| Details | sha256 | 1 | 14be41a97b8d0b4cb626f1a659ba895847436e68721a8119e7ddd05b6cd3d69d |
|
| Details | sha256 | 1 | 14fcca3094cef0d5bff90a09eca427ff3975ed15265d46207c2e8b124619df62 |
|
| Details | IPv4 | 2 | 92.53.104.78 |
|
| Details | IPv4 | 2 | 62.75.195.128 |
|
| Details | IPv4 | 1 | 209.126.118.91 |
|
| Details | IPv4 | 1 | 47.90.202.68 |
|
| Details | Mandiant Temporary Group Assumption | 2 | TEMP.LEVVI |
|
| Details | Url | 2 | https://blog.malwarebytes.com/cybercrime/exploits/2016/11/the-hookads-malvertising-campaign |