ioc[.]one - OSINT Cyber Threat Intelligence Database

How to Stop the New Trickbot Spear Phishing Campaign | Area 1 Security, Inc.

Tags

country:	Russia United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Artificial Intelligence - T1588.007 Botnet - T1583.005 Botnet - T1584.005 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Accounts - T1585.002 Email Accounts - T1586.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566

Show in Graph

Common Information

Type	Value
UUID	2bd1c876-bf16-47f5-a1f4-247fc0fa2cde
Fingerprint	ef018cd90810e7ec
Analysis status	DONE
Considered CTI value	-2
Text language
Published	Aug. 23, 2022, 11:36 a.m.
Added to db	Sept. 26, 2022, 9:30 a.m.
Last updated	Nov. 17, 2024, 6:50 p.m.
Headline	UNKNOWN
Title	How to Stop the New Trickbot Spear Phishing Campaign \| Area 1 Security, Inc.
Detected Hints/Tags/Attributes	83/3/28

Source URLs

	Redirection	Url
Details	Source	https://www.area1security.com/blog/trickbot-spear-phishing-drops-bazar-buer-malware/

URL Provider

Details	Provider	Source level domain
Details	area1security.com	www.area1security.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	tees321.com
Details	Domain	1	centraldispatchinc.com
Details	Domain	1	www.4rentorlando.com
Details	Domain	2	files.constantcontact.com
Details	File	1	50f95d03-8af1-4396-ac84-d6a7f1212026.pdf
Details	md5	1	dbdb5ddd07075b5b607460ea441cea19
Details	sha1	1	895d84fc6015a9ad8d1507a99fb44350fb462c79
Details	sha256	1	a3b2528b5e31ab1b82e68247a90ddce9a1237b2994ec739beb096f71d58e3d5b
Details	IPv4	1441	127.0.0.1
Details	IPv4	4	95.174.65.241
Details	IPv4	1	195.16.195.195
Details	IPv4	6	192.71.245.208
Details	IPv4	6	176.126.70.119
Details	IPv4	4	151.80.222.79
Details	IPv4	5	94.16.114.254
Details	IPv4	7	193.183.98.66
Details	IPv4	6	51.254.25.115
Details	Url	1	https://tees321.com/document3-90.exe
Details	Url	1	https://centraldispatchinc.com/report10-13.exe
Details	Url	1	https://www.4rentorlando.com/text_report.exe
Details	Url	2	https://files.constantcontact.com/0d2efd83801/50f95d03-8af1-4396-ac84-d6a7f1212026.pdf
Details	Url	1	https://docs.google.com/document/d/e/2pacx-1vqzfpgblrnsipbklm51_9p78djbhxmmlemzqujxx9roupkmn3xyx1zbejp2jo5_chbzoqidvnwpeazu/pub
Details	Url	1	https://docs.google.com/document/d/e/2pacx-1vrhlu8ar86crhtwsp7rsystmtabnsptq4q3mic9uizn-hz06co8fuzsiieus9selqhdu4t51ygcejnu/pub
Details	Url	2	https://docs.google.com/document/d/e/2pacx-1vtvchkzmdsd2wx03gtnybtoo4xvldfgqtfwziz5bt5ctrozw4xk5h6ger0gmscspqnpyftokphdl-_u/pub
Details	Url	1	https://files.constantcontact.com/5e536f60101/8c5d270a-897a-4ac8-845a-86c920bf229c.pdf
Details	Url	1	https://files.constantcontact.com/defde16c001/0aa90d3a-932f-4343-8661-22e4f6488705.pdf
Details	Url	1	https://docs.google.com/document/d/e/2pacx-1vsluktrrov3hu60c_n8lwfpoqbdyjj-n10g4tn14hbfmdairgkl9rc4vntrydlerwu0aht7wwbzwu9q/pub
Details	Url	1	https://docs.google.com/document/d/e/2pacx-1vrflfuwrihaqhjgeps8-dm7y3vxefrpiujujmd9vm6y3xvssg9vc3xxrnbyhqziowq_5rebddbkoq0s/pub