Tracking DangerousPassword Campaign by Lazarus Group - CYFIRMA
Common Information
Type | Value |
---|---|
UUID | 31a05cb2-c9c6-41e6-99b5-d5ad6cec0023 |
Fingerprint | 943439690d3ca8e3 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | June 7, 2023, 6:26 a.m. |
Added to db | Dec. 18, 2024, 10:34 p.m. |
Last updated | Dec. 22, 2024, 5:34 p.m. |
Headline | Tracking DangerousPassword Campaign by Lazarus Group |
Title | Tracking DangerousPassword Campaign by Lazarus Group - CYFIRMA |
Detected Hints/Tags/Attributes | 55/2/91 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 66 | password.txt |
Details | File | 544 | mshta.exe |
Details | File | 2329 | cmd.exe |
Details | File | 435 | c:\windows\system32\cmd.exe |
Details | File | 1 | ni.exe |
Details | File | 127 | www.dat |
Details | File | 42 | c:\windows\system32\mshta.exe |
Details | File | 1 | distributions_matt.zip |
Details | File | 1 | gdoc.rar |
Details | File | 2 | 2021.zip |
Details | File | 1 | profits.docx |
Details | File | 51 | www.doc |
Details | MITRE ATT&CK Techniques | 485 | T1055 |
Details | MITRE ATT&CK Techniques | 581 | T1112 |
Details | MITRE ATT&CK Techniques | 65 | T1218.005 |
Details | MITRE ATT&CK Techniques | 257 | T1497 |
Details | MITRE ATT&CK Techniques | 520 | T1012 |
Details | MITRE ATT&CK Techniques | 190 | T1120 |