ioc[.]one - OSINT Cyber Threat Intelligence Database

RevengeHotels: cybercrime targeting hotel front desks worldwide

Tags

country:	Argentina Bolivia Brazil Chile Costa Rica France Italy Spain Thailand Laos Mexico Portugal
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Malicious File - T1204.002 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Template Injection - T1221 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	88a85441-d8b4-4f58-8646-5a99bcc6d407
Fingerprint	f154bb12c53d80a0
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 28, 2019, 10 a.m.
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Nov. 17, 2024, 2:49 p.m.
Headline	RevengeHotels: cybercrime targeting hotel front desks worldwide
Title	RevengeHotels: cybercrime targeting hotel front desks worldwide
Detected Hints/Tags/Attributes	70/3/15

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/revengehotels/95229/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	269		cve-2017-0199
Details	Domain	87		booking.com
Details	Domain	317		bit.ly
Details	Domain	3		tip.kaspersky.com
Details	File	1		associados.docx
Details	File	1		reservation.docx
Details	File	26		backdoor.msi
Details	File	4		trojan-downloader.msi
Details	File	73		trojan.msi
Details	md5	1		74440d5d0e6ae9b9a03d06dd61718f66
Details	md5	1		e675bdf6557350a02f15c14f386fcc47
Details	md5	1		df632e25c32e8f8ad75ed3c50dd1cd47
Details	md5	1		a089efd7dd9180f9b726594bb6cf81ae
Details	md5	1		81701c891a1766c51c74bcfaf285854b
Details	Url	2		https://tip.kaspersky.com