Threat actors use copyright infringement phishing lure to deploy infostealers
Tags
cmtmf-attack-pattern: Masquerading Process Injection
country: Hong Kong Taiwan U.S. Virgin Islands
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Process Injection - T1631 Server - T1583.004 Server - T1584.004 Software - T1592.002 Browser Extensions - T1176 Masquerading - T1036 Process Injection - T1055 Masquerading
Show in Graph
Common Information
Type Value
UUID 10034988-a529-4dc5-8cad-c2c46c2fa59f
Fingerprint a4701935197a83cb
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 31, 2024, 9:37 a.m.
Added to db Oct. 31, 2024, 2:43 p.m.
Last updated Nov. 14, 2024, 10:54 p.m.
Headline Cisco Talos Blog
Title Threat actors use copyright infringement phishing lure to deploy infostealers
Detected Hints/Tags/Attributes 80/4/14
Source URLs
Redirection Url
Details Source https://blog.talosintelligence.com/threat-actors-use-copyright-infringement-phishing-lure-to-deploy-infostealers/
URL Provider
Details Provider Source level domain
Details talosintelligence.com blog.talosintelligence.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 68 Cisco Talos Blog https://blog.talosintelligence.com/rss/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 29 
appspot.com
Details Domain 904 
snort.org
Details File 2 
copyrighted.exe
Details File 2 
的影片內容遭到侵犯版權.exe
Details File 2 
infringed.exe
Details File 6 
ltd.exe
Details File 3 
inc.exe
Details File 2 
group.exe
Details File 2 
-宣布侵權.exe
Details File 2 
infringement.exe
Details File 2 
ffupdaar.exe
Details File 3 
%systemroot%\system32\dialer.exe
Details File 27 
msctf.asm
Details Windows Registry Key 582 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run