Investigating Crimeware Name Servers — Silent Push Threat Intelligence
Tags
attack-pattern: Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID aa8e0182-63f7-437b-b8ea-f49f641fb233
Fingerprint a380cf34fa887b5
Analysis status DONE
Considered CTI value 0
Text language
Published May 28, 2024, midnight
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Nov. 11, 2024, 1:31 a.m.
Headline Investigating Crimeware Name Servers
Title Investigating Crimeware Name Servers — Silent Push Threat Intelligence
Detected Hints/Tags/Attributes 34/1/23
Source URLs
Redirection Url
Details Source https://www.silentpush.com/blog/evolution-cyber-attack
URL Provider
Details Provider Source level domain
Details silentpush.com www.silentpush.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
service-update.link
Details Domain 1 
dendrite.network
Details Domain 1 
update-support.network
Details Domain 11 
colocrossing.com
Details Domain 1 
hs-securealerts.com
Details Domain 1 
ref0948a.com
Details Domain 1 
uk-taxupdate.com
Details Domain 1 
aem-new.com
Details Domain 1 
aempath.com
Details Domain 1 
com-gb.mobi
Details Domain 50 
avsvmcloud.com
Details Domain 1 
paypalservice.support
Details Domain 1 
small-url.cc
Details Domain 1 
election.finance
Details Domain 1 
ulsterbankonlineltd.com
Details Domain 1 
choicebank.online
Details Domain 1 
documentcloud.pw
Details Domain 1 
rbscotland-online.com
Details Domain 1 
btctools.net
Details Domain 1 
gb-kpmg.com
Details Domain 1 
secure-id.cloud
Details Domain 1 
service-ca-verification.com
Details Domain 19 
teamtnt.red