Rewterz Threat Alert – Suspected Kimsuky Shared Hosted Phishing Related Domains - Rewterz
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Phishing - T1660 Phishing - T1566 Denial Of Service |
Common Information
| Type | Value |
|---|---|
| UUID | aa6f7ca8-8f09-4a05-9dfd-5050b29b38f6 |
| Fingerprint | 839ec5d16d1dff47 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 29, 2020, 2:46 p.m. |
| Added to db | Dec. 19, 2024, 8:31 a.m. |
| Last updated | Dec. 19, 2024, 8:04 p.m. |
| Headline | Rewterz Threat Alert – Suspected Kimsuky Shared Hosted Phishing Related Domains |
| Title | Rewterz Threat Alert – Suspected Kimsuky Shared Hosted Phishing Related Domains - Rewterz |
| Detected Hints/Tags/Attributes | 24/2/41 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 3 | cve-2020-5930 |
|
| Details | CVE | 2 | cve-2020-13951 |
|
| Details | Domain | 4 | wave.posadadesantiago.com |
|
| Details | Domain | 3 | taplist.work |
|
| Details | Domain | 1 | dorey.work |
|
| Details | Domain | 3 | com-ssl.work |
|
| Details | Domain | 1 | poulsen.work |
|
| Details | Domain | 3 | vpstop.work |
|
| Details | Domain | 3 | sslserver.work |
|
| Details | Domain | 1 | idiolos.work |
|
| Details | Domain | 1 | default.tokyo |
|
| Details | Domain | 3 | org-vip.work |
|
| Details | Domain | 1 | verdall.xyz |
|
| Details | Domain | 1 | unrepong.work |
|
| Details | Domain | 3 | com-option.work |
|
| Details | Domain | 2 | org-view.work |
|
| Details | Domain | 3 | desk-top.work |
|
| Details | Domain | 1 | rtyuio.work |
|
| Details | Domain | 3 | webmain.work |
|
| Details | Domain | 3 | com-vps.work |
|
| Details | Domain | 1 | com-active.work |
|
| Details | Domain | 1 | dutaley.work |
|
| Details | Domain | 1 | account-protect.work |
|
| Details | Domain | 3 | com-download.work |
|
| Details | Domain | 1 | org-view.pw |
|
| Details | Domain | 3 | jp-ssl.work |
|
| Details | Domain | 1 | org-vps.work |
|
| Details | Domain | 1 | exiweng.work |
|
| Details | Domain | 1 | kinac.work |
|
| Details | Domain | 3 | com-sslnet.work |
|
| Details | Domain | 1 | robezo.work |
|
| Details | Domain | 3 | intemet.work |
|
| Details | Domain | 2 | www.registry.ohchr.tlsmain.work |
|
| Details | Domain | 2 | www.intranet.ohchr.tlsmain.work |
|
| Details | Domain | 1 | 1drv.ms.doc-view.pw |
|
| Details | Domain | 1 | mail.doc-view.pw |
|
| Details | Domain | 2 | registry.ohchr.tlsmain.work |
|
| Details | Domain | 3 | onedrive.sslport.work |
|
| Details | md5 | 1 | 9f5edb6d8a230c06512464fe84db0056 |
|
| Details | sha1 | 1 | a7461e60ae7297c20e1af5f83c42e34da2602b91 |
|
| Details | sha256 | 3 | 252d1b7a379f97fddd691880c1cf93eaeb2a5e5572e92a25240b75953c88736c |