Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain | Malwarebytes Labs
Common Information
Type Value
UUID 8de97e91-4e29-413a-8efe-9461f9a89919
Fingerprint e67d08d3b13ef0dd
Analysis status DONE
Considered CTI value 0
Text language
Published Aug. 2, 2017, midnight
Added to db Jan. 18, 2023, 8:34 p.m.
Last updated Nov. 15, 2024, 3:46 a.m.
Headline Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain
Title Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain | Malwarebytes Labs
Detected Hints/Tags/Attributes 63/3/63
Attributes
Details Type #Events CTI Value
Details Url 1
https://www.proofpoint.com/us/threat-insight/post/magnitude-actor-social-engineering-scheme-windows-10
Details Url 1
http://malware.dontneedcoffee.com/2013/10/magnitude.html