Stealing your email with a .txt file
Tags
country: Azerbaijan Poland Russia
attack-pattern: Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID 52a7b5b1-b1de-412a-9ec2-40bc9cf64393
Fingerprint 2105bb936b69162d
Analysis status DONE
Considered CTI value 1
Text language
Published Jan. 17, 2024, noon
Added to db Aug. 31, 2024, 11 a.m.
Last updated Sept. 3, 2024, 2:20 p.m.
Headline Search
Title Stealing your email with a .txt file
Detected Hints/Tags/Attributes 44/2/14
Source URLs
Redirection Url
Details Source https://blog.strikeready.com/blog/stealing-your-email-with-a-.txt-file/
URL Provider
Details Provider Source level domain
Details strikeready.com blog.strikeready.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 443 StrikeReady Labs on StrikeReady Blog https://blog.strikeready.com/contributors/strikeready-labs/index.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 2 
cve-2023-47272
Details Domain 1 
rcstat.com
Details Domain 1 
cpac.az
Details Email 1 
victoriabittner@cpac.az
Details File 4 
x.dat
Details IPv4 1 
45.130.86.4
Details Url 1 
https://rcstat.com/e?m=cmvzzwfyy2hac3ryawtlcmvhzhkuy29t&r=&s=mjaymy0xmc0wmw==
Details Url 1 
https://rcstat.com/q?r=&m=cmvzzwfyy2hac3ryawtlcmvhzhkuy29t
Details Url 1 
https://rcstat.com:443/addressbook/cmvzzwfyy2hac3ryawtlcmvhzhkuy29t
Details Url 1 
https://rcstat.com:443/p/cmvzzwfyy2hac3ryawtlcmvhzhkuy29t").catch
Details Url 1 
https://rcstat.com:443/about/cmvzzwfyy2hac3ryawtlcmvhzhkuy29t').catch
Details Url 1 
https://rcstat.com:443/s/cmvzzwfyy2hac3ryawtlcmvhzhkuy29t').catch
Details Url 1 
https://rcstat.com:443/addressbook/cmvzzwfyy2hac3ryawtlcmvhzhkuy29t').catch
Details Url 1 
https://rcstat.com:443/emails/cmvzzwfyy2hac3ryawtlcmvhzhkuy29t