Terror exploit kit goes HTTPS all the way | Malwarebytes Labs
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malvertising - T1583.008 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 0c68e561-e66d-4122-b19e-bd67a4af9c8b
Fingerprint b0310eb48284f3c1
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 27, 2017, midnight
Added to db Jan. 18, 2023, 8:35 p.m.
Last updated Nov. 19, 2024, 3:46 p.m.
Headline Terror exploit kit goes HTTPS all the way
Title Terror exploit kit goes HTTPS all the way | Malwarebytes Labs
Detected Hints/Tags/Attributes 37/2/17
Source URLs
Redirection Url
Details Source https://blog.malwarebytes.com/threat-analysis/2017/11/terror-exploit-kit-goes-https-all-the-way/
URL Provider
Details Provider Source level domain
Details malwarebytes.com blog.malwarebytes.com
Attributes
Details Type #Events CTI Value
Details Domain 7 
expedia.com
Details Domain 1 
580773189093524.mistake-hexagon.science
Details Domain 1 
319561824482067.mistake-hexagon.science
Details Domain 1 
239878215504660.mistake-hexagon.science
Details Domain 1 
828990124673515.mistake-hexagon.science
Details Domain 1 
serve.mfaif.popads.net
Details Domain 1 
yakset.accountant
Details Domain 1 
dimplethan.stream
Details Domain 1 
edgeelse.science
Details File 1 
haxit.php
Details sha1 1 
73fdc41268fc8b53d37d66bf63fdf71fdf111803
Details sha1 1 
60add6955d23029a571be7f0079c941631cad32f
Details sha256 1 
3579870858e68d317bb907b6362d956a80f3973c823021d452a077fd90719cdf
Details sha256 1 
99d6c4830605ed61e444c002193da4efe3bc7d015ad230624a2c9aae81982740
Details sha256 1 
a8a8b5ed76019c17add5101b157ab9c288a709a323d8c12dbae934c7ec6e1d14
Details IPv4 1 
188.226.179.53
Details IPv4 1 
188.226.180.230