DEV-0538 | Hackers Targeting Recruiters
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Direct Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 |
Common Information
| Type | Value |
|---|---|
| UUID | 13a81e66-9248-428b-9cd6-1173a3aecb95 |
| Fingerprint | a68119758e75e7cb |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 16, 2023, 2:01 p.m. |
| Added to db | May 16, 2023, 4:21 p.m. |
| Last updated | Nov. 15, 2024, 4:38 p.m. |
| Headline | DEV-0538 | Hackers Targeting Recruiters |
| Title | DEV-0538 | Hackers Targeting Recruiters |
| Detected Hints/Tags/Attributes | 34/2/26 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | sophia-lagoon.net |
|
| Details | Domain | 1 | manager.zip |
|
| Details | Domain | 58 | www.shodan.io |
|
| Details | Domain | 1 | experience.lnk.zip |
|
| Details | Domain | 911 | any.run |
|
| Details | Domain | 87 | app.any.run |
|
| Details | File | 1 | manager.zip |
|
| Details | File | 1 | lic.jpg |
|
| Details | File | 1 | sophia+lagoon+cv.pdf |
|
| Details | File | 11 | ie4uinit.exe |
|
| Details | File | 1 | e4uinit.exe |
|
| Details | File | 1 | lnk.zip |
|
| Details | md5 | 1 | ACA03178C248B32343B03F4B9ACCE1B9 |
|
| Details | sha256 | 1 | 9be7e15234e9c9769076280b8fcae753a649e44b3e0df82ae2edf275039e74e0 |
|
| Details | sha256 | 1 | c989cdcac84546c25258b480bee6d2f7ed27d41cb4538428be1649f522e4acdc |
|
| Details | sha256 | 1 | 72daf26f6e15058a9fc47f3ba2bae13f5c3129b97c70ff484906a25e0ce7273b |
|
| Details | sha256 | 1 | 930506fba48983058ac1320684a8ab9d372d7d83265806fe995c6895964b3484 |
|
| Details | IPv4 | 1 | 142.11.222.59 |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 1 | DEV-0538 |
|
| Details | Url | 1 | https://sophia-lagoon.net |
|
| Details | Url | 1 | https://www.virustotal.com/gui/file/9be7e15234e9c9769076280b8fcae753a649e44b3e0df82ae2edf275039e74e0/detection |
|
| Details | Url | 1 | https://www.virustotal.com/gui/file/72daf26f6e15058a9fc47f3ba2bae13f5c3129b97c70ff484906a25e0ce7273b/relations |
|
| Details | Url | 1 | https://www.virustotal.com/gui/file/930506fba48983058ac1320684a8ab9d372d7d83265806fe995c6895964b3484/detection |
|
| Details | Url | 1 | https://www.shodan.io/host/142.11.222.59 |
|
| Details | Url | 1 | https://sophia-lagoon.net/sales-manager |
|
| Details | Url | 1 | https://app.any.run/tasks/6732da67-85cb-42bb-a279-9b195ee0e76a |