ioc[.]one - OSINT Cyber Threat Intelligence Database

Combing Through Brushaloader Amid Massive Detection Uptick

Tags

country:	Germany Italy Poland
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Network Security Appliances - T1590.006 Powershell - T1059.001 Screen Capture - T1513 Server - T1583.004 Server - T1584.004 Visual Basic - T1059.005 Tool - T1588.002 Powershell - T1086 Screen Capture - T1113 Scripting - T1064 Screen Capture Scripting

Show in Graph

Common Information

Type	Value
UUID	1358fbf7-4d86-4a43-b56e-6ef96f20a6d7
Fingerprint	a6a418b3087d93c1
Analysis status	DONE
Considered CTI value	0
Text language
Published	Feb. 20, 2019, 11:27 a.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 6:30 p.m.
Headline	Vulnerability Information
Title	Combing Through Brushaloader Amid Massive Detection Uptick
Detected Hints/Tags/Attributes	93/3/92

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2019/02/combing-through-brushaloader.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	emailerservo.science
Details	Domain	707	google.com
Details	Domain	5	www.ti.com
Details	Domain	151	www.bbc.com
Details	Domain	904	snort.org
Details	Domain	1	cheapairlinediscount.site
Details	Domain	1	faxpctodaymessage.press
Details	Domain	1	faxpctodaymessage.space
Details	Domain	1	faxpctodaymessage.website
Details	Domain	1	faxzmessageservice.club
Details	Domain	1	fazadminmessae.info
Details	Domain	1	housecleaning.press
Details	Domain	1	hrent.site
Details	Domain	1	irepare.site
Details	Domain	1	macmall.fun
Details	Domain	1	managerdriver.website
Details	Domain	1	mantorsagcoloms.club
Details	Domain	1	mediaaplayer.win
Details	Domain	1	mobileshoper.science
Details	Domain	1	plomnetus.club
Details	Domain	1	ppservice.stream
Details	Domain	1	progresservesmail.science
Details	Domain	1	proservesmail.science
Details	Domain	1	proservesmailing.science
Details	Domain	1	searchidriverip.space
Details	Domain	1	servemai.science
Details	Domain	1	servemaining.science
Details	Domain	1	serveselitmail.science
Details	Domain	1	serveselitmailer.science
Details	Domain	1	servesmailelit.science
Details	Domain	1	servesmailerpro.science
Details	Domain	1	servesmailerprogres.science
Details	Domain	1	servespromail.science
Details	Domain	1	servicemaile.science
Details	Domain	1	serviveemail.science
Details	Domain	1	servoemail.science
Details	Domain	1	servomail.science
Details	Domain	1	mailsssssssssssdddaas.com
Details	Domain	1	www.wikipedia.000212.nl
Details	Domain	1	wikipedia.112000212.com
Details	File	23	about.php
Details	IPv4	1	162.251.166.72
Details	IPv4	1	192.3.204.226
Details	IPv4	1	107.173.193.242
Details	IPv4	1	107.173.193.243
Details	IPv4	1	107.173.193.244
Details	IPv4	1	107.173.193.246
Details	IPv4	1	107.173.193.247
Details	IPv4	1	107.173.193.248
Details	IPv4	1	107.173.193.249
Details	IPv4	1	107.173.193.250
Details	IPv4	1	107.173.193.251
Details	IPv4	1	107.173.193.252
Details	IPv4	1	107.173.193.253
Details	IPv4	1	172.245.159.130
Details	IPv4	2	185.212.44.114
Details	IPv4	1	192.3.204.228
Details	IPv4	1	192.3.204.229
Details	IPv4	1	192.3.204.231
Details	IPv4	1	192.3.204.232
Details	IPv4	1	192.3.204.233
Details	IPv4	1	192.3.204.234
Details	IPv4	1	192.3.204.235
Details	IPv4	1	192.3.204.236
Details	IPv4	1	192.3.204.237
Details	IPv4	1	192.3.207.115
Details	IPv4	1	192.3.207.116
Details	IPv4	1	192.3.207.117
Details	IPv4	1	192.3.207.118
Details	IPv4	1	192.3.207.119
Details	IPv4	1	192.3.207.120
Details	IPv4	1	192.3.207.123
Details	IPv4	1	192.3.207.124
Details	IPv4	1	192.3.207.125
Details	IPv4	1	192.3.207.126
Details	IPv4	1	192.3.31.211
Details	IPv4	1	192.3.31.214
Details	IPv4	1	192.3.45.90
Details	IPv4	1	192.3.45.91
Details	IPv4	1	192.3.45.92
Details	IPv4	1	192.3.45.93
Details	IPv4	1	192.3.45.94
Details	IPv4	1	64.110.25.146
Details	IPv4	1	64.110.25.147
Details	IPv4	1	64.110.25.148
Details	IPv4	1	64.110.25.150
Details	IPv4	1	64.110.25.151
Details	IPv4	1	64.110.25.152
Details	IPv4	1	64.110.25.153
Details	IPv4	1	64.110.25.154
Details	Url	1	http://162.251.166.72/about.php?faxid=446708802&opt=
Details	Url	1	http://someserver/folder/file.pdf