Evasion Tactics in Hybrid Credit Card Skimmers
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | a1f39106-c09b-4234-a15e-99e8a477fc2c |
| Fingerprint | b42633d32c458e07 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | June 5, 2020, 12:51 p.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 19, 2024, 11 a.m. |
| Headline | Evasion Tactics in Hybrid Credit Card Skimmers |
| Title | Evasion Tactics in Hybrid Credit Card Skimmers |
| Detected Hints/Tags/Attributes | 32/1/14 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | jshost.org |
|
| Details | Domain | 1 | scriptb.com |
|
| Details | File | 67 | get.php |
|
| Details | File | 1210 | index.php |
|
| Details | File | 1 | l4.php |
|
| Details | File | 1 | msm.js |
|
| Details | File | 1 | l3.php |
|
| Details | File | 2 | l2.php |
|
| Details | File | 5 | l.php |
|
| Details | sha256 | 1 | 687474703a2f2f3138352e3131302e3133322e3232302f6c342e7068703f703d |
|
| Details | IPv4 | 1 | 185.110.132.220 |
|
| Details | Url | 1 | http://185.110.132.220/l4.php?p= |
|
| Details | Url | 1 | https://msm.jshost.org/l3.php?p=222 |
|
| Details | Url | 1 | https://scriptb.com/l2.php?p=197 |