Recent Cases of Watering Hole Attacks, Part 1 - JPCERT/CC Eyes
Common Information
Type | Value |
---|---|
UUID | 99e2fc26-8b72-4d20-b9f2-22473dabe09f |
Fingerprint | d3108911a8e5644f |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 19, 2024, midnight |
Added to db | Dec. 21, 2024, 4:50 a.m. |
Last updated | Dec. 23, 2024, 12:09 p.m. |
Headline | JPCERT/CC Eyes |
Title | Recent Cases of Watering Hole Attacks, Part 1 - JPCERT/CC Eyes |
Detected Hints/Tags/Attributes | 47/3/21 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://blogs.jpcert.or.jp/en/2024/12/watering_hole_attack_part1.html |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 62 | ✔ | JPCERT/CCブログ 英語版 | https://blogs.jpcert.or.jp/en/atom.xml | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|