RUNLIR - phishing campaign targeting Netherlands
Tags
cmtmf-attack-pattern: Traffic Distribution
country: Belgium Netherlands Germany Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 7573d6ed-6891-4d09-b030-008292918e59
Fingerprint b2600951012347cc
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 16, 2021, midnight
Added to db Aug. 31, 2024, 12:51 a.m.
Last updated Nov. 17, 2024, 2:48 p.m.
Headline UNKNOWN
Title RUNLIR - phishing campaign targeting Netherlands
Detected Hints/Tags/Attributes 71/4/5
Source URLs
Redirection Url
Details Source https://blog.group-ib.com/runlir
URL Provider
Details Provider Source level domain
Details group-ib.com blog.group-ib.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 36 Blog Group-IB https://blog.group-ib.com/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 317 
bit.ly
Details Domain 2 
tny.sh
Details Domain 3 
fraudehelpdesk.nl
Details Domain 5 
scamadviser.com
Details File 1 
verwerk1.php