otx.alienvault.com
13.32.121.88
Public Scan
URL:
https://otx.alienvault.com/pulse/64b8e768f68a3f09ef75672c
Submission: On July 20 via api from DE — Scanned from DE
Form analysis
0 forms found in the DOM
Text Content
BYOS - BUNDLE YOUR OWN STEALER - CHECK POINT RESEARCH
Created 1 hour ago by CyberHunter_NL
Public
TLP: White
Subscribers (300)
Check Point Research (CPR) provides an in-depth analysis of a new malware strain dubbed BundleBot, which uses a self-contained file format to create malware that can stay under the radar.
Reference: https://research.checkpoint.com/2023/byos-bundle-your-own-stealer/
Tags: bundlebot, bundlebot stage, asmresolver, zip archive, facebook ads, check point, c2 web, bundlebot tcp, noteworthy, dotnet bundle, facebook, powershell, downloader, mario, ducktail, core, ilspy, discord, example, googleai.dll
Malware Family: GoogleAI.dll
Att&ck IDs: T1059 - Command and Scripting Interpreter, T1056 - Input Capture, T1104 - Multi-Stage Channels, T1036 - Masquerading, T1127 - Trusted Developer Utilities Proxy Execution, T1027 - Obfuscated Files or Information
Indicators of Compromise (74)
Related Pulses (2)
Comments (0)
History (0)
Types of indicators: FileHash-MD5 (2), Other (3), FileHash-SHA1 (2), FileHash-SHA256 (47), IPv4 (4), URL (15)
Threat infrastructure: Singapore (3), Czechia (1)
© Copyright 2023 AlienVault, Inc.