Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Tags
cmtmf-attack-pattern: Masquerading
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Html Smuggling - T1027.006 Javascript - T1059.007 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Visual Basic - T1059.005 Masquerading - T1036 Powershell - T1086 Masquerading
Show in Graph
Common Information
Type Value
UUID 965376dd-61ea-4512-9004-66dc1ef1690d
Fingerprint 842e990a0b25af69
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 22, 2024, 10:36 p.m.
Added to db Oct. 22, 2024, 8:37 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Title Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Detected Hints/Tags/Attributes 51/4/8
Source URLs
Redirection Url
Details Source https://thehackernews.com/2024/10/gophish-framework-used-in-phishing.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2 
disk-yandex.ru
Details File 4 
usercache.ini
Details File 4 
lnk.js
Details File 155 
cscript.exe
Details File 2 
vkmessenger.7z
Details File 54 
file.exe
Details IPv4 5 
94.103.85.47
Details IPv4 5 
5.252.176.55