High Value Malicious Domains. — Silent Push Threat Intelligence
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Datasets; Dns - T1071.004; Dns - T1590.002; Domains - T1583.001; Domains - T1584.001; Phishing - T1660; Phishing - T1566; Server - T1583.004; Server - T1584.004 |
Common Information
Type | Value |
---|---|
UUID | 53c9465c-87a8-483e-b938-e37ee2a3b5cf |
Fingerprint | 26a8addf6c12c3e1 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | May 28, 2024, midnight |
Added to db | Sept. 26, 2022, 9:34 a.m. |
Last updated | Nov. 17, 2024, 6:54 p.m. |
Headline | High Value Malicious Domains. |
Title | High Value Malicious Domains. — Silent Push Threat Intelligence |
Detected Hints/Tags/Attributes | 34/2/54 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.silentpush.com/blog/high-value-malicious-domains |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Mandiant Uncategorized Groups | 97 | | UNC2452 |
Details | Threat Actor Identifier - APT | 11 | | APT22 |
Details | Threat Actor Identifier - APT | 522 | | APT41 |
Details | Threat Actor Identifier - APT | 297 | | APT27 |