ioc[.]one - OSINT Cyber Threat Intelligence Database

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant

Tags

country:	Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Inter-Process Communication - T1559 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	22151670-fe54-495e-ac56-a9f9bcf06272
Fingerprint	f4843d794db7968b
Analysis status	DONE
Considered CTI value	1
Text language
Published	Oct. 13, 2023, midnight
Added to db	Nov. 19, 2023, 10:06 p.m.
Last updated	Oct. 28, 2024, 5:56 p.m.
Headline	Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
Title	Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant
Detected Hints/Tags/Attributes	69/3/15

Source URLs

	Redirection	Url
Details	Source	https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_my/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_hk/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_se/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_dk/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_ie/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_sg/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_au/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_nl/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_be/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_id/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_nz/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_ae/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_gb/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_no/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html
Details	Source	https://www.trendmicro.com/en_fi/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	119	✔	Trend Micro Research, News and Perspectives	https://feeds.feedburner.com/TrendMicroSimplySecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	119		cve-2023-36884
Details	Domain	4		wplsummit.com
Details	Domain	3		wplsummit.org
Details	Domain	2		mctelemetryzone.com
Details	Domain	3		worldtimeapi.org
Details	Domain	2		redditanalytics.pm
Details	Domain	2		netstaticsinformation.com
Details	File	3		1-20230802t122531-002-sfx.exe
Details	File	75		favicon.ico
Details	File	1		trymenow.dll
Details	File	1		%public%\accountpictures\defender\security.dll
Details	File	8		security.dll
Details	IPv4	5		114.0.0.0
Details	Url	1		https://mctelemetryzone.com/favicon.ico
Details	Url	1		https://redditanalytics.pm/mi8xmzi0nty3odk