SOC146 EventID:153 — Phishing Mail Detected — Excel 4.0 Macros
Common Information
Type                            Value
UUID                            52abe4a7-d9d3-4c12-beb1-b4c0c8dcc5c6
Fingerprint                     264038190d2c3f89
Analysis status                 DONE
Considered CTI value            0
Text language
Published                       July 21, 2023, 11:16 a.m.
Added to db                     July 21, 2023, 1:28 p.m.
Last updated                    Nov. 18, 2024, 4:35 a.m.
Headline                        SOC146 EventID:153 — Phishing Mail Detected — Excel 4.0 Macros
Title                           SOC146 EventID:153 — Phishing Mail Detected — Excel 4.0 Macros
Detected Hints/Tags/Attributes  36/2/17
Attributes
Type    #Events  CTI Value
Domain  3        tritowncomputers.com
Domain  48       letsdefend.io
Domain  1        11f44531fb088d31307d87b01e8eabff.zip
Domain  26       mitre.org
Domain  3        nws.visionconsulting.ro
Email   3        trenton@tritowncomputers.com
Email   3        lars@letsdefend.io
File    1        11f44531fb088d31307d87b01e8eabff.zip
File    1        c:\users\asus\downloads\11f44531fb088d31307d87b01e8eabff.zip
File    459      regsvr32.exe
File    1        dot.html
File    2        iroto.dll
File    199      excel.exe
md5     2        11f44531fb088d31307d87b01e8eabff
md5     1        9458859ABFD384F38362AF01FB306F14
IPv4    2        24.213.228.54
Url     2        https://nws.visionconsulting.ro/n1g1kcxa/dot.html