Recent Cases of Watering Hole Attacks, Part 1 - JPCERT/CC Eyes
Common Information
Type Value
UUID 99e2fc26-8b72-4d20-b9f2-22473dabe09f
Fingerprint d3108911a8e5644f
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 19, 2024, midnight
Added to db Dec. 21, 2024, 4:50 a.m.
Last updated Dec. 23, 2024, 12:09 p.m.
Headline JPCERT/CC Eyes
Title Recent Cases of Watering Hole Attacks, Part 1 - JPCERT/CC Eyes
Detected Hints/Tags/Attributes 47/3/21
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 62 JPCERT/CC Blog English Edition https://blogs.jpcert.or.jp/en/atom.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2
www.mcasprod.com
Details Domain 2
patient-flower-ccef.nifttymailcom.workers.dev
Details Domain 2
patient-flower-cdf.nifttymailcom.workers.dev
Details Domain 2
cdn.nifttymail.com
Details File 3
flashupdateinstall.exe
Details File 4
system32.dll
Details File 2
tips.exe
Details File 2
c:\users\public\downloads\tips.exe
Details File 127
avp.exe
Details File 239
min.js
Details File 5
%windir%\syswow64\dllhost.exe
Details File 4
%windir%\sysnative\dllhost.exe
Details Pdb 2
c:\users\jack\viewer\bin\viewer.pdb
Details Url 2
http://cdn.nifttymail.com