Reputational Hijacking with JamPlus: A New Technique to Bypass Smart App Control (SAC)
Tags
cmtmf-attack-pattern: Masquerading
country: Vietnam
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Python - T1059.006 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Browser Extensions - T1176 Masquerading - T1036 Masquerading
Show in Graph
Common Information
Type Value
UUID 175c3002-46d4-4826-bf5e-f83bfbcbecfb
Fingerprint b4640e09b036e72e
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 9, 2024, 12:36 p.m.
Added to db Sept. 9, 2024, 3:21 p.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Reputational Hijacking with JamPlus: A New Technique to Bypass Smart App Control (SAC)
Title Reputational Hijacking with JamPlus: A New Technique to Bypass Smart App Control (SAC)
Detected Hints/Tags/Attributes 33/4/13
Source URLs
Redirection Url
Details Source https://thecyberexpress.com/reputational-hijacking-with-jamplus/
URL Provider
Details Provider Source level domain
Details thecyberexpress.com thecyberexpress.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 248 The Cyber Express https://thecyberexpress.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 291 
raw.githubusercontent.com
Details Domain 19 
document.zip
Details Domain 4128 
github.com
Details Domain 3 
sim.py
Details File 2 
capcut_7376550521366298640_installer.zip
Details File 2 
capcut.exe
Details File 2 
windowsafety.bat
Details File 16 
document.zip
Details File 3 
sim.py
Details Github username 4 
lonenone1807
Details Url 2 
https://www.dropbox.com/scl/fi/6se0kgmo7sbngtdf8r11x/capcut_7376550521366298640_installer.zip?rlkey=7fxladl3fdhpne6p7buz48kcl&st=pzxtrcqc&dl=1
Details Url 2 
https://raw.githubusercontent.com/lonenone1807/batman/main/startup
Details Url 2 
https://github.com/lonenone1807/batman/raw/main/document.zip