Field Effect discovers M365 adversary-in-the-middle campaign
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Adversary-In-The-Middle - T1638 Adversary-In-The-Middle - T1557 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Email Accounts - T1585.002 Email Accounts - T1586.002 Ip Addresses - T1590.005 Password Spraying - T1110.003 Phishing - T1660 Phishing - T1566 Social Media - T1593.001 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID 9d3c2dd0-6db6-4894-bb6f-eeb9acb222d2
Fingerprint 30012ad10a19cc0f
Analysis status DONE
Considered CTI value 0
Text language
Published July 5, 2024, 6:48 p.m.
Added to db Oct. 16, 2024, 3:02 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Field Effect discovers M365 adversary-in-the-middle campaign
Title Field Effect discovers M365 adversary-in-the-middle campaign
Detected Hints/Tags/Attributes 50/2/39
Source URLs
Redirection Url
Details Source https://fieldeffect.com/blog/field-effect-discovers-m365-adversary-in-the-middle-campaign
URL Provider
Details Provider Source level domain
Details fieldeffect.com fieldeffect.com
Attributes
Details Type #Events CTI Value
Details Autonomous System Number 7 
AS47583
Details Autonomous System Number 5 
AS207713
Details Domain 1 
live.dot.vu
Details Domain 1 
8ex.unceridefu.com
Details Domain 1 
axios-http.com
Details Domain 1 
lsj.logentr.com
Details Domain 1 
okhyg.unsegin.com
Details Domain 1 
ldn3.p9j32.com
Details File 1 
live.dot
Details File 674 
node.js
Details File 1 
lsj.log
Details File 173 
outlook.exe
Details IPv4 5 
172.64.80.1
Details IPv4 1 
141.98.233.86
Details IPv4 1 
154.56.56.200
Details IPv4 1 
162.213.251.86
Details IPv4 1 
194.164.76.149
Details IPv4 1 
212.18.104.107
Details IPv4 1 
212.18.104.108
Details IPv4 1 
212.18.104.109
Details IPv4 1 
212.18.104.7
Details IPv4 1 
212.18.104.78
Details IPv4 1 
212.18.104.79
Details IPv4 1 
212.18.104.80
Details IPv4 1 
212.18.104.90
Details IPv4 1 
54.186.238.27
Details IPv4 1 
62.133.61.17
Details IPv4 1 
62.133.61.18
Details IPv4 1 
72.68.160.230
Details IPv4 1 
92.118.112.53
Details IPv6 1 
5be5::1
Details IPv6 1 
86a6::1
Details IPv6 1 
b082::1
Details IPv6 1 
318a::1
Details IPv6 1 
423e::1
Details IPv6 1 
412f::1
Details IPv6 1 
7c34::1
Details Url 1 
https://live.dot.vu/p/mccpppo/flipbook-start-with-pdf
Details Url 1 
https://8ex.unceridefu.com/cy2tcmx2/.