Threat Advisory
Common Information
| Type | Value |
|---|---|
| UUID | 95ab19ae-7fa5-4b52-8815-6cbe42e121c8 |
| Fingerprint | e87e6e7711110725c50c0e817fb1dd4ecc0d0610d1eaf932fe51c5e1dd6e143e |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 15, 2023, 8:44 p.m. |
| Added to db | Feb. 7, 2024, 7:35 p.m. |
| Last updated | Aug. 31, 2024, 2:02 a.m. |
| Headline | Threat Advisory |
| Title | Threat Advisory |
| Detected Hints/Tags/Attributes | 152/3/178 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 8 | fleetdeck.io |
|
| Details | Domain | 2 | victimname-okta.com |
|
| Details | Domain | 1 | 53help.org |
|
| Details | Domain | 1 | workatbbt.com |
|
| Details | Domain | 1 | bbtplus.com |
|
| Details | Domain | 1 | dashsso.com |
|
| Details | Domain | 1 | telnyx-sso.com |
|
| Details | Domain | 1 | bbt-hr.com |
|
| Details | Domain | 1 | grayscale-sso.com |
|
| Details | Domain | 1 | ssopodium.com |
|
| Details | Domain | 1 | telnyxsso.com |
|
| Details | Domain | 1 | trustsso.com |
|
| Details | Domain | 1 | freshworks-sso.net |
|
| Details | Domain | 1 | bbtemps.com |
|
| Details | Domain | 1 | freshworksso.com |
|
| Details | Domain | 1 | grayscalesso.com |
|
| Details | Domain | 1 | freshworks-sso.com |
|
| Details | Domain | 1 | postmarksso.com |
|
| Details | Domain | 1 | ssotelnyx.com |
|
| Details | Domain | 1 | cashsso.com |
|
| Details | Domain | 1 | hubsso.net |
|
| Details | Domain | 1 | intercomsso.net |
|
| Details | Domain | 1 | podiumsso.com |
|
| Details | Domain | 1 | klaviyocorp.net |
|
| Details | Domain | 1 | graysso.com |
|
| Details | Domain | 1 | att-my.com |
|
| Details | Domain | 1 | bbtvpn.com |
|
| Details | Domain | 1 | telesignsso.com |
|
| Details | Domain | 1 | aitice-usa.com |
|
| Details | Domain | 1 | att-networks.net |
|
| Details | Domain | 1 | connect-cox.com |
|
| Details | Domain | 1 | asurionsso.com |
|
| Details | Domain | 1 | fedsso.net |
|
| Details | Domain | 1 | victrasso.net |
|
| Details | Domain | 1 | activesso.comassurionsso.net |
|
| Details | Domain | 1 | actlvecampaign.net |
|
| Details | Domain | 1 | gryscale-ox0d.com |
|
| Details | Domain | 1 | workbbt.com |
|
| Details | Domain | 1 | victrasso.com |
|
| Details | Domain | 1 | bbt-work.com |
|
| Details | Domain | 1 | my-twilio.com |
|
| Details | Domain | 1 | bbthour.com |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 435 | www.hivepro.com |
|
| Details | Domain | 14 | www.silentpush.com |
|
| Details | md5 | 5 | 1e5ad5c2ffffac9d3ab7d179566a7844 |
|
| Details | md5 | 5 | 56fd7145224989b92494a32e8fc6f6b6 |
|
| Details | md5 | 4 | 6639433341fd787762826b2f5a9cb202 |
|
| Details | md5 | 5 | 828699b4133acb69d34216dcd0a8376e |
|
| Details | sha1 | 4 | 0272b018518fef86767b01a73213716708acbb80 |
|
| Details | sha1 | 5 | 10b9da621a7f38a02fea26256db60364d600df85 |
|
| Details | sha1 | 5 | d8cb0d5bbeb20e08df8d2e75d7f4e326961f1bf5 |
|
| Details | sha1 | 5 | ec37d483c3c880fadc8d048c05777a91654e41d3 |
|
| Details | IPv4 | 4 | 159.223.213.174 |
|
| Details | IPv4 | 4 | 169.150.203.51 |
|
| Details | IPv4 | 5 | 37.19.200.142 |
|
| Details | IPv4 | 5 | 37.19.200.155 |
|
| Details | IPv4 | 13 | 144.76.136.153 |
|
| Details | IPv4 | 5 | 119.93.5.239 |
|
| Details | IPv4 | 5 | 146.70.103.228 |
|
| Details | IPv4 | 5 | 185.195.19.206 |
|
| Details | IPv4 | 5 | 198.54.133.45 |
|
| Details | IPv4 | 4 | 198.54.133.52 |
|
| Details | IPv4 | 5 | 37.19.200.151 |
|
| Details | IPv4 | 5 | 45.134.140.177 |
|
| Details | IPv4 | 5 | 45.86.200.81 |
|
| Details | IPv4 | 5 | 89.46.114.66 |
|
| Details | IPv4 | 3 | 100.35.70.106 |
|
| Details | IPv4 | 3 | 136.144.19.51 |
|
| Details | IPv4 | 3 | 136.144.43.81 |
|
| Details | IPv4 | 3 | 142.93.229.86 |
|
| Details | IPv4 | 3 | 143.244.214.243 |
|
| Details | IPv4 | 3 | 146.70.107.71 |
|
| Details | IPv4 | 3 | 146.70.112.126 |
|
| Details | IPv4 | 3 | 146.70.127.42 |
|
| Details | IPv4 | 3 | 146.70.45.166 |
|
| Details | IPv4 | 3 | 146.70.45.182 |
|
| Details | IPv4 | 4 | 152.89.196.111 |
|
| Details | IPv4 | 3 | 162.118.200.173 |
|
| Details | IPv4 | 3 | 172.98.33.195 |
|
| Details | IPv4 | 3 | 173.239.204.129 |
|
| Details | IPv4 | 3 | 173.239.204.130 |
|
| Details | IPv4 | 3 | 173.239.204.131 |
|
| Details | IPv4 | 3 | 173.239.204.132 |
|
| Details | IPv4 | 3 | 173.239.204.133 |
|
| Details | IPv4 | 3 | 173.239.204.134 |
|
| Details | IPv4 | 3 | 180.190.113.87 |
|
| Details | IPv4 | 4 | 185.120.144.101 |
|
| Details | IPv4 | 4 | 185.123.143.197 |
|
| Details | IPv4 | 3 | 185.123.143.201 |
|
| Details | IPv4 | 3 | 185.123.143.205 |
|
| Details | IPv4 | 3 | 185.123.143.217 |
|
| Details | IPv4 | 3 | 185.156.46.141 |
|
| Details | IPv4 | 3 | 185.163.109.66 |
|
| Details | IPv4 | 6 | 185.181.102.18 |
|
| Details | IPv4 | 4 | 185.195.19.207 |
|
| Details | IPv4 | 4 | 185.202.220.239 |
|
| Details | IPv4 | 4 | 185.202.220.65 |
|
| Details | IPv4 | 4 | 185.240.244.3 |
|
| Details | IPv4 | 4 | 185.247.70.229 |
|
| Details | IPv4 | 4 | 185.45.15.217 |
|
| Details | IPv4 | 5 | 185.56.80.28 |
|
| Details | IPv4 | 4 | 188.166.101.65 |
|
| Details | IPv4 | 4 | 188.166.117.31 |
|
| Details | IPv4 | 4 | 188.214.129.7 |
|
| Details | IPv4 | 4 | 192.166.244.248 |
|
| Details | IPv4 | 4 | 193.27.13.184 |
|
| Details | IPv4 | 4 | 193.37.255.114 |
|
| Details | IPv4 | 4 | 194.37.96.188 |
|
| Details | IPv4 | 4 | 195.206.105.118 |
|
| Details | IPv4 | 4 | 198.44.136.180 |
|
| Details | IPv4 | 5 | 217.138.198.196 |
|
| Details | IPv4 | 5 | 217.138.222.94 |
|
| Details | IPv4 | 4 | 23.106.248.251 |
|
| Details | IPv4 | 4 | 31.222.238.70 |
|
| Details | IPv4 | 3 | 45.132.227.211 |
|
| Details | IPv4 | 6 | 45.132.227.213 |
|
| Details | IPv4 | 5 | 45.91.21.61 |
|
| Details | IPv4 | 4 | 5.182.37.59 |
|
| Details | IPv4 | 4 | 51.210.161.12 |
|
| Details | IPv4 | 4 | 51.89.138.221 |
|
| Details | IPv4 | 4 | 62.182.98.170 |
|
| Details | IPv4 | 3 | 64.190.113.28 |
|
| Details | IPv4 | 5 | 67.43.235.122 |
|
| Details | IPv4 | 3 | 68.235.43.20 |
|
| Details | IPv4 | 3 | 68.235.43.21 |
|
| Details | IPv4 | 4 | 82.180.146.31 |
|
| Details | IPv4 | 4 | 89.46.114.164 |
|
| Details | IPv4 | 4 | 91.242.237.100 |
|
| Details | IPv4 | 3 | 93.115.7.238 |
|
| Details | IPv4 | 4 | 98.100.141.70 |
|
| Details | IPv4 | 3 | 18.206.107.24 |
|
| Details | Mandiant Uncategorized Groups | 111 | UNC3944 |
|
| Details | MITRE ATT&CK Techniques | 16 | T1657 |
|
| Details | MITRE ATT&CK Techniques | 126 | T1567 |
|
| Details | MITRE ATT&CK Techniques | 9 | T1585.001 |
|
| Details | MITRE ATT&CK Techniques | 13 | T1585 |
|
| Details | MITRE ATT&CK Techniques | 409 | T1566 |
|
| Details | MITRE ATT&CK Techniques | 17 | T1660 |
|
| Details | MITRE ATT&CK Techniques | 3 | T1566.004 |
|
| Details | MITRE ATT&CK Techniques | 52 | T1199 |
|
| Details | MITRE ATT&CK Techniques | 71 | T1078.002 |
|
| Details | MITRE ATT&CK Techniques | 306 | T1078 |
|
| Details | MITRE ATT&CK Techniques | 4 | T1648 |
|
| Details | MITRE ATT&CK Techniques | 420 | T1204 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1136 |
|
| Details | MITRE ATT&CK Techniques | 6 | T1556.006 |
|
| Details | MITRE ATT&CK Techniques | 33 | T1556 |
|
| Details | MITRE ATT&CK Techniques | 13 | T1484.002 |
|
| Details | MITRE ATT&CK Techniques | 39 | T1484 |
|
| Details | MITRE ATT&CK Techniques | 4 | T1578.002 |
|
| Details | MITRE ATT&CK Techniques | 11 | T1578 |
|
| Details | MITRE ATT&CK Techniques | 9 | T1656 |
|
| Details | MITRE ATT&CK Techniques | 8 | T1606 |
|
| Details | MITRE ATT&CK Techniques | 14 | T1621 |
|
| Details | MITRE ATT&CK Techniques | 89 | T1552.001 |
|
| Details | MITRE ATT&CK Techniques | 26 | T1552.004 |
|
| Details | MITRE ATT&CK Techniques | 113 | T1552 |
|
| Details | MITRE ATT&CK Techniques | 29 | T1217 |
|
| Details | MITRE ATT&CK Techniques | 4 | T1538 |
|
| Details | MITRE ATT&CK Techniques | 585 | T1083 |
|
| Details | MITRE ATT&CK Techniques | 243 | T1018 |
|
| Details | MITRE ATT&CK Techniques | 99 | T1539 |
|
| Details | MITRE ATT&CK Techniques | 159 | T1021 |
|
| Details | MITRE ATT&CK Techniques | 4 | T1021.007 |
|
| Details | MITRE ATT&CK Techniques | 9 | T1213.003 |
|
| Details | MITRE ATT&CK Techniques | 16 | T1213.002 |
|
| Details | MITRE ATT&CK Techniques | 56 | T1213 |
|
| Details | MITRE ATT&CK Techniques | 67 | T1074 |
|
| Details | MITRE ATT&CK Techniques | 89 | T1114 |
|
| Details | MITRE ATT&CK Techniques | 19 | T1530 |
|
| Details | MITRE ATT&CK Techniques | 141 | T1219 |
|
| Details | MITRE ATT&CK Techniques | 472 | T1486 |
|
| Details | MITRE ATT&CK Techniques | 100 | T1567.002 |
|
| Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 6 | Storm-0875 |
|
| Details | Url | 2 | https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a |
|
| Details | Url | 1 | https://www.hivepro.com/threat-advisory/attackers-target-telecommunications-sector-to-gain- |
|
| Details | Url | 2 | https://www.silentpush.com/blog/scattered-spider |