Tag: Betabot
E
EITest Gate at 31.184.193.179 Leads to Rig EK at 185.117.73.220 and Drops What Appears to be Betabot
IOCs: 198.15.70.67 – azarsenalsc[.]org – Compromised Site 31.184.193.179 – aliancaadm.top – EITest Gate 185.117.73.220 – zio11q.oa3ri8.top – Rig EK 103.243.38.25 – b.uandmearertyasport1.com – POST /direct/mail9/order.php – Betabot 103.234.37.4 – GET /rd927.exe – Post infection download 66.55.153.57 – and30.blabladomdom.com – POST /bla30/gate.php 104.223.89.174 – and30.blabladomdom.com – POST /bla30/gate.php 107.155.99.135 – and30.blabladomdom.com – POST /bla30/gate.php Reference for ...
Malware breakdown 