Extrapolating Adversary Intent through Infrastructure - DomainTools | Start Here. Know Now.
Tags
| country: | North Korea Japan South Korea Russia United States Of America |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Direct Indirect Cloud Services - T1021.007 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Phishing - T1660 Phishing - T1566 |
Common Information
| Type | Value |
|---|---|
| UUID | 44dc4cfd-fd8d-47d0-b267-c5baa4af2b7c |
| Fingerprint | 37b084d348b387c0 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 11, 2020, midnight |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Sept. 4, 2024, 3:40 p.m. |
| Headline | Extrapolating Adversary Intent Through Infrastructure |
| Title | Extrapolating Adversary Intent through Infrastructure - DomainTools | Start Here. Know Now. |
| Detected Hints/Tags/Attributes | 84/3/150 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | msrole.com |
|
| Details | Domain | 3 | jeojang.ga |
|
| Details | Domain | 1 | culturecommunication.ga |
|
| Details | Domain | 1 | starcraft2.cf |
|
| Details | Domain | 1 | swisstiming.cf |
|
| Details | Domain | 1 | jeonjang.ga |
|
| Details | Domain | 2 | templates-library.ml |
|
| Details | Domain | 1 | appmicrosoft.net |
|
| Details | Domain | 2 | email.microsoftonline.services |
|
| Details | Domain | 2 | columbusairports.microsoftonline.host |
|
| Details | Domain | 2 | westus2.cloudapp.azure.com |
|
| Details | Domain | 2 | microsoftonline.host |
|
| Details | Domain | 2 | microsoftonline.services |
|
| Details | Domain | 1 | help-navers.com |
|
| Details | Domain | 1 | naver.com.se |
|
| Details | Domain | 2 | helpnaver.com |
|
| Details | Domain | 2 | naver.hol.es |
|
| Details | Domain | 1 | naver.co.in |
|
| Details | Domain | 1 | naver.koreagov.com |
|
| Details | Domain | 1 | naver.com.cm |
|
| Details | Domain | 1 | naver.onegov.com |
|
| Details | Domain | 2 | naver.com.de |
|
| Details | Domain | 1 | naver.unibok.kr |
|
| Details | Domain | 1 | naver.com.ec |
|
| Details | Domain | 1 | naver.cx |
|
| Details | Domain | 1 | naver.com.mx |
|
| Details | Domain | 1 | naver.pw |
|
| Details | Domain | 1 | naver.com.pl |
|
| Details | Domain | 1 | naverdns.co |
|
| Details | Domain | 1 | daum.net.pl |
|
| Details | Domain | 1 | login.daum.kcrct.ml |
|
| Details | Domain | 2 | daurn.pe.hu |
|
| Details | Domain | 1 | login.daum.net-accounts.info |
|
| Details | Domain | 1 | daurn.org |
|
| Details | Domain | 1 | login.daum.unikortv.com |
|
| Details | Domain | 2 | com-ssl.work |
|
| Details | Domain | 2 | com-vps.work |
|
| Details | Domain | 2 | onedrive.sslport.work |
|
| Details | Domain | 2 | intranet.ohchr.account-protect.work |
|
| Details | Domain | 1 | smt.docomo.ne.jp-ssl.work |
|
| Details | Domain | 1 | rfanews.sslport.work |
|
| Details | Domain | 2 | mail.rfa.sslport.work |
|
| Details | Domain | 1 | ohchr.org |
|
| Details | Domain | 2 | nttdocomo.co.jp |
|
| Details | Domain | 2 | rfa.org |
|
| Details | Domain | 1 | account.daum.unikftc.kr |
|
| Details | Domain | 1 | hogy.desk-top.work |
|
| Details | Domain | 1 | account.daurn.pe.hu |
|
| Details | Domain | 2 | intemet.work |
|
| Details | Domain | 1 | amberalexander.ghtdev.com |
|
| Details | Domain | 1 | beyondparallel.sslport.work |
|
| Details | Domain | 1 | jonga.ml |
|
| Details | Domain | 2 | bigfile.pe.hu |
|
| Details | Domain | 2 | jp-ssl.work |
|
| Details | Domain | 4 | bignaver.com |
|
| Details | Domain | 1 | kooo.gq |
|
| Details | Domain | 1 | cdaum.pe.hu |
|
| Details | Domain | 2 | loadmanager07.com |
|
| Details | Domain | 1 | cloudmail.cloud |
|
| Details | Domain | 4 | cloudnaver.com |
|
| Details | Domain | 1 | coinone.co.in |
|
| Details | Domain | 2 | com-download.work |
|
| Details | Domain | 1 | login.outlook.kcrct.ml |
|
| Details | Domain | 2 | com-option.work |
|
| Details | Domain | 1 | mailsnaver.com |
|
| Details | Domain | 2 | com-sslnet.work |
|
| Details | Domain | 4 | member-authorize.com |
|
| Details | Domain | 1 | myaccount.nkaac.net |
|
| Details | Domain | 1 | comment.poulsen.work |
|
| Details | Domain | 1 | myaccounts.gmail.kr-infos.com |
|
| Details | Domain | 1 | cooper.center |
|
| Details | Domain | 1 | myetherwallet.co.in |
|
| Details | Domain | 1 | csnaver.com |
|
| Details | Domain | 1 | myetherwallet.com.mx |
|
| Details | Domain | 1 | dept-dr.lab.hol.es |
|
| Details | Domain | 2 | desk-top.work |
|
| Details | Domain | 1 | downloadman06.com |
|
| Details | Domain | 1 | dubai-1.com |
|
| Details | Domain | 5 | eastsea.or.kr |
|
| Details | Domain | 1 | gloole.net |
|
| Details | Domain | 1 | help.unikoreas.kr |
|
| Details | Domain | 1 | securetymail.com |
|
| Details | Domain | 4 | servicenidnaver.com |
|
| Details | Domain | 1 | net.tm.ro |
|
| Details | Domain | 2 | smtper.cz |
|
| Details | Domain | 1 | nid.naver.com.se |
|
| Details | Domain | 1 | smtper.org |
|
| Details | Domain | 1 | nid.naver.corper.be |
|
| Details | Domain | 2 | sslport.work |
|
| Details | Domain | 1 | nid.naver.unibok.kr |
|
| Details | Domain | 2 | sslserver.work |
|
| Details | Domain | 1 | nidlogin.naver.corper.be |
|
| Details | Domain | 2 | ssltop.work |
|
| Details | Domain | 1 | nidnaver.email |
|
| Details | Domain | 1 | sts.desk-top.work |
|
| Details | Domain | 1 | nidnaver.net |
|
| Details | Domain | 2 | taplist.work |
|
| Details | Domain | 1 | ns.onekorea.me |
|
| Details | Domain | 1 | tiosuaking.com |
|
| Details | Domain | 2 | org-vip.work |
|
| Details | Domain | 1 | top.naver.onekda.com |
|
| Details | Domain | 2 | preview.manage.org-view.work |
|
| Details | Domain | 1 | usernaver.com |
|
| Details | Domain | 2 | pro-navor.com |
|
| Details | Domain | 1 | view-hanmail.net |
|
| Details | Domain | 1 | read-hanmail.net |
|
| Details | Domain | 3 | view-naver.com |
|
| Details | Domain | 1 | read-naver.com |
|
| Details | Domain | 1 | vilene.desk-top.work |
|
| Details | Domain | 1 | read.tongilmoney.com |
|
| Details | Domain | 2 | vpstop.work |
|
| Details | Domain | 4 | resetprofile.com |
|
| Details | Domain | 2 | webmain.work |
|
| Details | Domain | 1 | resultview.com |
|
| Details | Domain | 3 | webuserinfo.com |
|
| Details | Domain | 1 | riaver.site |
|
| Details | Domain | 1 | ww-naver.com |
|
| Details | Domain | 1 | sankei.sslport.work |
|
| Details | File | 1 | smt.doc |
|
| Details | IPv4 | 1 | 27.102.102.30 |
|
| Details | IPv4 | 2 | 141.8.224.221 |
|
| Details | IPv4 | 2 | 200.122.181.63 |
|
| Details | IPv4 | 1 | 107.167.92.196 |
|
| Details | IPv4 | 1 | 195.20.51.47 |
|
| Details | IPv4 | 1 | 213.74.101.65 |
|
| Details | IPv4 | 1 | 138.201.186.43 |
|
| Details | IPv4 | 1 | 213.74.139.196 |
|
| Details | IPv4 | 1 | 5.45.119.124 |
|
| Details | IPv4 | 1 | 212.252.30.170 |
|
| Details | IPv4 | 1 | 193.37.212.43 |
|
| Details | IPv4 | 1 | 5.196.167.184 |
|
| Details | IPv4 | 1 | 146.0.77.60 |
|
| Details | IPv4 | 1 | 37.139.7.16 |
|
| Details | IPv4 | 1 | 51.159.28.101 |
|
| Details | IPv4 | 1 | 149.56.20.55 |
|
| Details | IPv4 | 1 | 108.177.235.92 |
|
| Details | IPv4 | 1 | 91.227.68.97 |
|
| Details | IPv4 | 2 | 108.62.141.33 |
|
| Details | IPv4 | 1 | 203.249.64.219 |
|
| Details | IPv4 | 2 | 146.112.61.107 |
|
| Details | IPv4 | 1 | 211.38.228.101 |
|
| Details | IPv4 | 1 | 150.95.219.213 |
|
| Details | IPv4 | 1 | 27.102.107.221 |
|
| Details | IPv4 | 1 | 162.244.253.107 |
|
| Details | IPv4 | 1 | 27.102.127.46 |
|
| Details | IPv4 | 1 | 173.234.155.126 |
|
| Details | IPv4 | 2 | 27.255.77.110 |
|
| Details | IPv4 | 1 | 192.185.94.206 |
|
| Details | IPv4 | 3 | 44.227.65.245 |
|
| Details | IPv4 | 1 | 192.203.145.170 |