Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans - RedPacket Security
Tags
cmtmf-attack-pattern: Masquerading
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Html Smuggling - T1027.006 Javascript - T1059.007 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Visual Basic - T1059.005 Masquerading - T1036 Powershell - T1086 Masquerading
Show in Graph
Common Information
Type Value
UUID 82723537-fd93-46bc-a57a-b06c19f48fa5
Fingerprint 842f19121b2faf88
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 22, 2024, 8:01 p.m.
Added to db Oct. 22, 2024, 9:36 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Title Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans - RedPacket Security
Detected Hints/Tags/Attributes 52/4/8
Source URLs
Redirection Url
Details Source https://www.redpacketsecurity.com/gophish-framework-used-in-phishing-campaigns-to-deploy-remote-access-trojans/
URL Provider
Details Provider Source level domain
Details redpacketsecurity.com www.redpacketsecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 361 RedPacket Security https://www.redpacketsecurity.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2 
disk-yandex.ru
Details File 4 
usercache.ini
Details File 4 
lnk.js
Details File 155 
cscript.exe
Details File 2 
vkmessenger.7z
Details File 54 
file.exe
Details IPv4 5 
94.103.85.47
Details IPv4 5 
5.252.176.55