Recent Cases of Watering Hole Attacks, Part 1
Common Information
Type Value
UUID 57294da3-c4df-4baf-8608-10ead16452e4
Fingerprint d2308d01e9e326cf
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 19, 2024, 2:06 a.m.
Added to db Dec. 21, 2024, 4:46 a.m.
Last updated Dec. 23, 2024, 12:09 p.m.
Detected Hints/Tags/Attributes 48/3/21
RSS Feed
Id 158
Enabled
Feed title Malware Analysis, News and Indicators - Latest topics
Url https://malware.news/latest.rss
Added to db 2024-08-30 22:08
Attributes