Golang Attack Campaign Tracked as GO#WEBBFUSCATOR Applies James Webb Space Telescope Images as Lures to Infect Systems - SOC Prime
Tags
cmtmf-attack-pattern: Command And Scripting Interpreter
maec-delivery-vectors: Watering Hole
attack-pattern: Command And Scripting Interpreter - T1623 Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Command-Line Interface - T1059
Show in Graph
Common Information
Type Value
UUID 3bf7186f-f133-4988-af49-c0cbb4bb615c
Fingerprint 84391d0d801fea17
Analysis status DONE
Considered CTI value 1
Text language
Published Sept. 5, 2022, 1:20 p.m.
Added to db Sept. 11, 2022, 12:36 p.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Golang Attack Campaign Tracked as GO#WEBBFUSCATOR Applies James Webb Space Telescope Images as Lures to Infect Systems
Title Golang Attack Campaign Tracked as GO#WEBBFUSCATOR Applies James Webb Space Telescope Images as Lures to Infect Systems - SOC Prime
Detected Hints/Tags/Attributes 39/3/4
Source URLs
Redirection Url
Details Source https://socprime.com/blog/golang-attack-campaign-tracked-as-gowebbfuscator-applies-james-webb-space-telescope-images-as-lures-to-infect-systems/
URL Provider
Details Provider Source level domain
Details socprime.com socprime.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 237 SOC Prime https://socprime.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 42 
socprime.com
Details File 2127 
cmd.exe
Details MITRE ATT&CK Techniques 695 
T1059
Details Threat Actor Identifier - APT 783 
APT28