ioc[.]one - OSINT Cyber Threat Intelligence Database

Hive0147 serving juicy Picanha with a side of Mekotio - Security Intelligence

Tags

country:	Brazil Chile Colombia Netherlands France Spain Laos Mexico Portugal
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Model Clipboard Data - T1414 Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Visual Basic - T1059.005 Clipboard Data - T1115 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	4cb14b27-72b2-47f4-bf02-dacddd2981c4
Fingerprint	859109ba8cb18385
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 16, 2024, midnight
Added to db	Oct. 21, 2024, 1:20 p.m.
Last updated	Nov. 12, 2024, 11:52 a.m.
Headline	Hive0147 serving juicy Picanha with a side of Mekotio
Title	Hive0147 serving juicy Picanha with a side of Mekotio - Security Intelligence
Detected Hints/Tags/Attributes	125/3/18

Source URLs

	Redirection	Url
Details	Source	https://securityintelligence.com/x-force/hive0147-serving-juicy-picanha-with-side-of-mekotio/

URL Provider

Details	Provider	Source level domain
Details	securityintelligence.com	securityintelligence.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	16		blob.core.windows.net
Details	Domain	3		cloudapp.azure.com
Details	Domain	1		host.secureserver.net
Details	Domain	2		app.goo.gl
Details	Domain	80		goo.gl
Details	Domain	2		squirrel.windows
Details	File	17		blob.core
Details	File	1		nsbars.dll
Details	File	1		textoescritor.exe
Details	File	1		wfhyfjqnzkog.dat
Details	File	5		magnification.dll
Details	File	11		dwmapi.dll
Details	File	1		maisum2.dat
Details	File	12		core.exe
Details	IBM X-Force - Unattributed Threat Actor	2		Hive0147
Details	IBM X-Force - Unattributed Threat Actor	3		Hive0129
Details	IPv4	3		1.0.0.89
Details	IPv4	2		177.235.219.126