IHEATE

Description

(Trend Micro) These attacks targeting users in the United States used a variant of IXESHE, named IHEATE, which has been seen in Taiwan since 2009. These samples showed some differences from known IXESHE variants: they had a different command-and-control (C&C) communication model and different encryption methods.

One IHEATE sample we found contains the string “EMC112” as part of the C&C traffic. Such strings are frequently used to identify different campaigns. In this particular case, the 112 part of the string matched the malware sample’s compilation date of January 12.

Names

Name
IHEATE

Category

Malware

Type

  • Backdoor
  • Info stealer
  • Exfiltration

Information

AlienVault OTX

Other Information

UUID

28292c71-c66a-450d-a2d0-d096f954e150

Last Card Change

2020-04-20