ioc[.]one - OSINT Cyber Threat Intelligence Database

Transparent Tribe begins targeting education sector in latest campaign

Tags

country:	Afghanistan India Pakistan
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Web Services - T1583.006 Web Services - T1584.006

Show in Graph

Common Information

Type	Value
UUID	a6add6ce-9340-4375-90b2-a23e2f24de29
Fingerprint	850019991036cf29
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 13, 2022, 7:58 p.m.
Added to db	Sept. 26, 2022, 9:33 a.m.
Last updated	Nov. 19, 2024, 5:08 a.m.
Headline	Vulnerability Information
Title	Transparent Tribe begins targeting education sector in latest campaign
Detected Hints/Tags/Attributes	62/3/56

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2022/07/transparent-tribe-targets-education.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	Domain	3	studentsportal.live
Details	Domain	3	studentsportal.website
Details	Domain	2	studentsportal.co
Details	Domain	3	cloud-drive.store
Details	Domain	2	user-onedrive.live
Details	Domain	2	drive-phone.online
Details	Domain	2	geo-news.tv
Details	Domain	1179	gmail.com
Details	Domain	3	geo.tv
Details	Domain	2	cloud-drive.geo-news.tv
Details	Domain	2	drive-phone.geo-news.tv
Details	Domain	2	studentsportal.geo-news.tv
Details	Domain	2	user-onedrive.geo-news.tv
Details	Domain	2	zainhosting.net
Details	Domain	2	vebhost.com
Details	Domain	2	ns1.vebhost.com
Details	Domain	2	ns2.vebhost.com
Details	Domain	2	zainhosting.com
Details	Domain	2	ns5.zainhosting.com
Details	Domain	2	ns6.zainhosting.com
Details	Domain	904	snort.org
Details	Domain	2	nsdrive-phone.online
Details	Domain	2	statefinancebank.com
Details	Domain	2	in.statefinancebank.com
Details	Domain	2	centralink.online
Details	Domain	2	studentsportal.live.geo-news.tv
Details	Domain	2	phone-drive.online.geo-news.tv
Details	Domain	2	sunnyleone.hopto.org
Details	Domain	2	swissaccount.ddns.net
Details	Domain	2	5-mar.zip
Details	Email	2	immikhan034@gmail.com
Details	Email	2	rupees001@gmail.com
Details	File	2	cloud-drive.geo
Details	File	2	drive-phone.geo
Details	File	2	studentsportal.geo
Details	File	2	user-onedrive.geo
Details	sha256	2	bdeb9d019a02eb49c21f7c04169406ac586d630032a059f63c497951303b8d00
Details	sha256	2	388f212dfca2bfb5db0a8b9958a43da6860298cdd4fcd53ed2c75e3b059ee622
Details	sha256	2	0d61d5fe8dbf69c6e61771451212fc8e587d93246bd866adf1031147d6d4f8c2
Details	sha256	2	14ee2e3a9263bab359bc19050567d0dbd6371c8c0a7c6aeba71adbf5df2fc35b
Details	sha256	2	8c1a5052bf3c1b33aff9e249ae860ea1435ce716d5b5be2ec3407520507c6d37
Details	sha256	2	79aee357ea68d8f66b929ba2e57465eaee4d965b0da5001fe589afe1588874e3
Details	sha256	2	8b786784c172c6f8b241b1286a2054294e8dc2c167d9b4daae0e310a1d923ba0
Details	sha256	2	b4819738a277090405f0b5bbcb31d5dd3115f7026401e5231df727da0443332a
Details	sha256	2	e2cf71c78d198fdc0017b7bfd6ce8115301174302b3eaaf50cfc384db96bc573
Details	sha256	2	8c9b0fd259e7f016f53be8edc53fe5f908b48ae691e21f0f820da11429e595d8
Details	sha256	2	f3a1ac021941b481ac7e2335b74ebf1e44728e8917381728f1f5b390c6f34706
Details	sha256	2	fc34f9087ab199d0bac22aa97de48e5592dbf0784342b9ecd01b4a429272ab5b
Details	sha256	2	b3f8e026f39056ec5e66700e03eeaf57454ee9c0bc1c719d74e10f5702957305
Details	sha256	2	9159d4e354218870461c96bedcc7b5b026f872d30235bb4536cc4a5ce4154725
Details	sha256	2	b614436bf9461b80384bae937d699f8c3886bcc65b907e0c8126b4df59ea8cdb
Details	sha256	2	28390e3ea8a547f05ca08551f484292d46398a2b38fd4aae001ac7d056c5abc0
Details	IPv4	2	198.37.123.126
Details	IPv4	2	192.3.99.68
Details	Url	2	https://studentsportal.live/download.php?file=mental_health_survey.docm
Details	Url	2	https://studentsportal.website/download.php?file=5-mar.zip