ioc[.]one - OSINT Cyber Threat Intelligence Database

Trickbot Watch: Arrival via Redirection URL in Spam

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Malicious Link - T1204.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Social Media - T1593.001 Visual Basic - T1059.005 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	96e01c09-fbec-44be-985f-eab23114e74b
Fingerprint	26c529c8117667c7
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 20, 2019, midnight
Added to db	Sept. 11, 2022, 12:47 p.m.
Last updated	Oct. 16, 2024, 2:37 a.m.
Headline	Trickbot Watch: Arrival via Redirection URL in Spam
Title	Trickbot Watch: Arrival via Redirection URL in Spam
Detected Hints/Tags/Attributes	53/2/28

Source URLs

	Redirection	Url
Details	Source	https://blog.trendmicro.com/trendlabs-security-intelligence/trickbot-watch-arrival-via-redirection-url-in-spam/
Details	Source	https://www.trendmicro.com/en_ca/research/19/e/trickbot-watch-arrival-via-redirection-url-in-spam.html

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com
Details	trendmicro.com	blog.trendmicro.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	google.dm
Details	Domain	1	mastelecomusa.com
Details	File	2	importdll32.dll
Details	File	3	injectdll32.dll
Details	File	2	mailsearcher32.dll
Details	File	2	networkdll32.dll
Details	File	1	psfin32.dll
Details	File	2	pwgrab32.dll
Details	File	2	sharedll32.dll
Details	File	3	systeminfo32.dll
Details	File	2	wormdll32.dll
Details	File	1	8_81_32.vbs
Details	File	20	trojan.vbs
Details	File	1	84_692_6.vbs
Details	sha256	1	be201f8a0ba71b7ca14027d62ff0e1c4fd2b00caf135ab2b048fa9c3529f98c8
Details	sha256	1	a02593229c8e75c4bfc6983132e2250f3925786224d469cf881dbc37663c355e
Details	sha256	1	7f55daf593aab125cfc124a1aeeb50c78841cc2e91c8fbe6118eeae45c94549e
Details	sha256	1	c560cca7e368ba23a5e48897e2f89ed1eb2e5918a3db0b94a244734b11a009c6
Details	sha256	1	f82d0b87a38792e4572b15fab574c7bf95491bf7c073124530f05cc704c1ee96
Details	sha256	1	fe89e399b749ee9fb04ea5801a99a250560ad1a4112bbf6ef429e8e7874921f2
Details	sha256	1	7daa04b93afff93bb2ffe588a557089fad731cac7af11b07a281a2ae847536d5
Details	sha256	1	312dec124076289d8941797ccd2652a9a0e193bba8982f9f1f9bdd31e7388c66
Details	sha256	1	55f74affe702420ab9e63469d2b6b47374f863fe06ef2fffef7045fb5cbb1079
Details	sha256	1	11b4c8b88142e9338a3cee2464e2ac1f4caccbdf94ab0ccf40c03b6960b35dd2
Details	sha256	1	23b3cbf50531ff8cb4f81cc5d89e73f2b93f24bec575334bc133722fd9abb8fb
Details	sha256	1	ce46ce023e01d2afa2569962e3c0daa61f825eaa1fb5121e982f36f54bb6ab53
Details	Url	1	https://google.dm:443/url?q=
Details	Url	1	http://mastelecomusa.com/2019/05/02/order-review