Ande Loader Leads to 0bj3ctivity Stealer Infection

    Date: 08/12/2024

    Severity: Medium

    Summary

    In this attack chain, the Ande Loader malware delivers and installs 0bj3ctivity Stealer, a data-stealing Trojan. Ande Loader serves as the initial vector; once deployed, 0bj3ctivity Stealer extracts sensitive information from the infected system.

    Indicators of Compromise (IOC) List

    URL/Domain

    pub-39c431b0c306497287a06e8cea23fa74.r2.dev

    https://whatismyipaddressnow.co/API/FETCH/filter.php?countryid=14&token=FEzEd9JbsoLF

    Hash

    41914711cfdaba63ddf1701270077855
    
    d1c9c2c55d5c287ebdc9f9a7f5f2e630
    
    42436fb03b579a159464fb2af53696f1

    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    URL/Domain

    userdomainname like "pub-39c431b0c306497287a06e8cea23fa74.r2.dev" or url like "pub-39c431b0c306497287a06e8cea23fa74.r2.dev" or userdomainname like "https://whatismyipaddressnow.co/API/FETCH/filter.php?countryid=14&token=FEzEd9JbsoLF" or url like "https://whatismyipaddressnow.co/API/FETCH/filter.php?countryid=14&token=FEzEd9JbsoLF"

    Hash

    md5hash IN ("41914711cfdaba63ddf1701270077855","d1c9c2c55d5c287ebdc9f9a7f5f2e630","42436fb03b579a159464fb2af53696f1")

    Reference: 

    https://www.esentire.com/blog/ande-loader-leads-to-0bj3ctivity-stealer-infection

     

     


    Tags

    Malware, Trojan, Data Stealer
