Threat Source (April 11)
Tags
| country: | Australia North Korea |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Model Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 Vulnerabilities - T1588.006 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | 3ee82fa1-98f0-4a9f-afeb-507d4d772562 |
| Fingerprint | b1120dc0d8b772b7 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 11, 2019, 2 p.m. |
| Added to db | Oct. 9, 2022, 4:18 p.m. |
| Last updated | Nov. 17, 2024, 5:46 p.m. |
| Headline | Vulnerability Information |
| Title | Threat Source (April 11) |
| Detected Hints/Tags/Attributes | 53/3/18 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.talosintelligence.com/2019/04/threat-source-april-11.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 5 | maftask.zip |
|
| Details | Domain | 295 | amazon.com |
|
| Details | File | 5 | maftask.zip |
|
| Details | File | 34 | qmreportupload.exe |
|
| Details | File | 4 | max.exe |
|
| Details | File | 5 | cab.exe |
|
| Details | File | 6 | ups.exe |
|
| Details | md5 | 3 | 6372f770cddb40efefc57136930f4eb7 |
|
| Details | md5 | 38 | 47b97de62ae8b2b927542aa5d7f3c858 |
|
| Details | md5 | 4 | 4cf6cc9fafde5d516be35f73615d3f00 |
|
| Details | md5 | 4 | b89b37a90d0a080c34bbba0d53bd66df |
|
| Details | md5 | 2 | 147ba798e448eb3caa7e477e7fb3a959 |
|
| Details | sha256 | 3 | d05a8eaf45675b2e0cd6224723ededa92c8bb9515ec801b8b11ad770e9e1e7ed |
|
| Details | sha256 | 31 | 3f6e3d8741da950451668c8333a4958330e96245be1d592fcaa485f4ee4eadb3 |
|
| Details | sha256 | 3 | 8f236ac211c340f43568e545f40c31b5feed78bdf178f13abe498a1f24557d56 |
|
| Details | sha256 | 3 | 46bc86cff88521671e70edbbadbc17590305c8f91169f777635e8f529ac21044 |
|
| Details | sha256 | 2 | 790c213e1227adefd2d564217de86ac9fe660946e1240b5415c55770a951abfd |
|
| Details | IPv6 | 63 | ::1201 |