ioc[.]one - OSINT Cyber Threat Intelligence Database

Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape | Proofpoint US

Tags

country:	Germany Russia Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Impersonation - T1656 Javascript - T1059.007 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Powershell - T1059.001 Software - T1592.002 Tool - T1588.002 Mshta - T1170 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	773c2518-d6e5-4293-8975-6e8ec4287370
Fingerprint	245e4393893987a0
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 18, 2024, 6:34 p.m.
Added to db	Nov. 18, 2024, 11:28 a.m.
Last updated	Nov. 20, 2024, 7:46 a.m.
Headline	Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape
Title	Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape \| Proofpoint US
Detected Hints/Tags/Attributes	78/3/43

Source URLs

	Redirection	Url
Details	Source	https://www.proofpoint.com/us/blog/threat-insight/security-brief-clickfix-social-engineering-technique-floods-threat-landscape

URL Provider

Details	Provider	Source level domain
Details	proofpoint.com	www.proofpoint.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	354	✔	Proofpoint Threat Insight	https://www.proofpoint.com/us/threat-insight-blog.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CERT Ukraine	43	UAC-0050
Details	Domain	12	web.de
Details	Domain	1	promtcraft.online
Details	Domain	16	github-scanner.com
Details	Domain	5	eemmbryequo.shop
Details	Domain	5	reggwardssdqw.shop
Details	Domain	5	relaxatinownio.shop
Details	Domain	5	tesecuuweqo.shop
Details	Domain	5	tendencctywop.shop
Details	Domain	5	licenseodqwmqn.shop
Details	Domain	5	keennylrwmqlw.shop
Details	Domain	42	steamcommunity.com
Details	Domain	1	ricardo.aljiri.es
Details	Domain	7	greshunka.com
Details	Domain	8	tiguanin.com
Details	Domain	7	bazarunet.com
Details	Domain	5	rilomenifis.com
Details	Domain	6	isomicrotich.com
Details	Domain	1	promptcraft.online
Details	Domain	1	chrome.zip
Details	Email	1	resizenreyl6@web.de
Details	File	11	l6e.exe
Details	sha256	1	d9ab6cfa60cc75785e31ca9b5a31dae1c33022bdb90cb382ef3ca823c627590d
Details	sha256	5	d737637ee5f121d11a6f3295bf0d51b06218812b5ec04fe9ea484921e905a207
Details	sha256	1	5d5b4f259ef3b3d20f6ef1a63def6dee9326efe2b7b7b7e474008aa978f1f19b
Details	sha256	1	e726d3324ca8b9a8da4d317c5d749dd0ad58fd447a2eb5eee75ef14824339cd5
Details	IPv4	1	185.91.69.119
Details	IPv4	1	92.118.112.130
Details	IPv4	1	193.124.185.116
Details	IPv4	1	193.124.185.117
Details	IPv4	4	188.119.113.152
Details	IPv4	1	185.147.124.40
Details	IPv4	3	31.214.157.49
Details	IPv4	1	178.215.224.252
Details	Url	3	https://github-scanner.com/l6e.exe
Details	Url	3	https://steamcommunity.com/profiles/76561199724331900
Details	Url	1	https://ricardo.aljiri.es/ricardo/captchav4de
Details	Url	1	https://www.dropbox.com/scl/fi/z4vwx6uot2bwugh34fbvz/captcha_v4id882994ft.zip?rlkey=nuh8s42xr9mz2kzkonzwyseaa&st=vk2qu0te&dl=1
Details	Url	1	http://188.119.113.152/x64_stealth.dll
Details	Url	1	http://185.147.124.40/capcha.html
Details	Url	1	http://31.214.157.49/a6dxmijz_hdkr2jol_pimar1q8.txt
Details	Url	1	http://31.214.157.49/chrome.zip
Details	Url	1	http://178.215.224.252/v10/ukyh.php