ioc[.]one - OSINT Cyber Threat Intelligence Database

Conti Affiliate Exposed: New Domain Names, IP Addresses and Email…

Tags

country:	Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Model Models Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Lateral Tool Transfer - T1570 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vnc - T1021.005 Tool - T1588.002 Brute Force - T1110 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	3dba8c35-a907-4f7c-8677-6e57000ee315
Fingerprint	a163a1f9b31b9ec4
Analysis status	DONE
Considered CTI value	1
Text language
Published	May 16, 2022, midnight
Added to db	Sept. 26, 2022, 9:34 a.m.
Last updated	Sept. 4, 2024, 11:14 a.m.
Headline	Conti Affiliate Exposed: New Domain Names, IP Addresses and Email Addresses Uncovered
Title	Conti Affiliate Exposed: New Domain Names, IP Addresses and Email…
Detected Hints/Tags/Attributes	134/3/28

Source URLs

	Redirection	Url
Details	Source	https://www.esentire.com/blog/conti-affiliate-exposed-new-domain-names-ip-addresses-and-email-addresses-uncovered-by-esentire

URL Provider

Details	Provider	Source level domain
Details	esentire.com	www.esentire.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	firmwareupdater.com
Details	Domain	1	aspdotnetpro.com
Details	Domain	1	fortinetdirect.com
Details	Domain	1	intergroupservices.com
Details	Domain	1	thumbsupdating.com
Details	Domain	1	estudiopay.com
Details	Domain	1	appnewrelease.com
Details	Domain	1	gpupdatemanager.com
Details	Domain	1	flashpointdatabase.com
Details	Domain	1	wirelesswebaccess.com
Details	Domain	1	webdatabasesystem.com
Details	Domain	1	amibios-updater.com
Details	Domain	1	sonyblueprint.com
Details	Domain	1	customsecurityusa.com
Details	Domain	1	juniperengineer.com
Details	Domain	2	bqtconsulting.com
Details	Domain	1	driverpackcdn.com
Details	IPv4	1	46.21.153.52
Details	IPv4	1	23.227.196.236
Details	IPv4	1	146.70.44.201
Details	IPv4	1	198.252.99.99
Details	IPv4	1	172.96.186.51
Details	IPv4	1	23.227.202.142
Details	IPv4	1	23.227.198.235
Details	IPv4	1	46.21.153.48
Details	IPv4	1	23.227.198.211
Details	IPv4	1	23.227.196.58
Details	Mandiant Uncategorized Groups	20	UNC2447