Masslogger campaigns exfiltrates user credentials
Tags
Common Information
| Type | Value |
|---|---|
| UUID | ad2805fc-4f7a-4378-bc09-1d69ff4c9549 |
| Fingerprint | ac190ab1b117c684 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 17, 2021, 8 a.m. |
| Added to db | Sept. 11, 2022, 12:40 p.m. |
| Last updated | Nov. 17, 2024, 6:56 p.m. |
| Headline | Vulnerability Information |
| Title | Masslogger campaigns exfiltrates user credentials |
| Detected Hints/Tags/Attributes | 0/0/47 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.talosintelligence.com/2021/02/masslogger-cred-exfil.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | sinetcol.co |
|
| Details | Domain | 1 | service-med-star.gr |
|
| Details | Domain | 149 | system.security |
|
| Details | Domain | 1 | med-star.gr |
|
| Details | Domain | 1 | www.med-star.gr |
|
| Details | Domain | 904 | snort.org |
|
| Details | Domain | 1 | becasmedikal.com.tr |
|
| Details | Domain | 1 | risu.fi |
|
| Details | Domain | 1 | topometria.com.cy |
|
| Details | Domain | 1 | bouinteriorismo.com |
|
| Details | Domain | 1 | optovision.gr |
|
| Details | Domain | 1 | hotelaretes.gr |
|
| Details | Domain | 1 | jetfleet24.com |
|
| Details | File | 1 | d9.jpg |
|
| Details | File | 34 | hh.exe |
|
| Details | File | 1 | d7.jpg |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 1 | waves.dll |
|
| Details | File | 149 | msbuild.exe |
|
| Details | File | 1 | a7.jpg |
|
| Details | File | 1 | a5.jpg |
|
| Details | File | 1 | a12.jpg |
|
| Details | File | 1 | r9.jpg |
|
| Details | File | 1 | 4b.jpg |
|
| Details | File | 1 | v8.jpg |
|
| Details | File | 1 | t5.jpg |
|
| Details | Github username | 15 | cisco-talos |
|
| Details | sha256 | 1 | 54ca02b013e898be2606f964bc0946430a276de9ef478596a1d33cb6f806db8c |
|
| Details | sha256 | 1 | 516d45fcbdbdc4526bdd0f6979fe3ad929b82e1fd31247c7891528703ac16131 |
|
| Details | sha256 | 1 | 1c0a17a11a4b64dbe6082be807309a3c447b4861ea56155c1bfcf4d072746d38 |
|
| Details | sha256 | 1 | 7c92e1befd1cc5fa4a253716ac8441f6e29a351b7e449d3b8ef171cb6181db8e |
|
| Details | sha256 | 1 | 83c64bf1c919c5e6ce25633d0eff2b7cda5b93a210b60372d984f862933e0b4e |
|
| Details | sha256 | 1 | e2c3ad4bedf9e6d1122d418e97dfb743b1559a5af99befabed5bb7c6164028a8 |
|
| Details | sha256 | 1 | 8129a86056aa28f2af87110bb25732b14b77f18a7c820d9bcf1adcd2c7d97a7a |
|
| Details | sha256 | 1 | 742b9912f329c05296e2f837555dceea0ae3e06e80aa178a9127692d25e21479 |
|
| Details | sha256 | 1 | 04910322c2e91d58e9ed3c5bcc3a18be1ba1b5582153184d1f5da3d9c42bac15 |
|
| Details | sha256 | 1 | aac62b80b790d96882b4b747a8ed592f45b39ceadd9864948bb391f3f41d7f9f |
|
| Details | sha256 | 1 | f946e1c690fc2125af4ad7d3d1b93c6af218a82d55a11a5a6ee5a9b04a763e7f |
|
| Details | sha256 | 1 | 9cd7622ade7408c03e0c966738f51f74f884fbafdf3fe97edf4be374a7fb1d77 |
|
| Details | sha256 | 1 | 5415bcc4bffa5191a1fac3ce3b11c46335d19f053f5d9d51a10f4ed77393ed82 |
|
| Details | sha256 | 1 | 0eef444f062ea06340ca7ef300cb39c44a6cdf7ead2732bb885d79f098991cb8 |
|
| Details | sha256 | 1 | df929834de2b10efaa8b2cb67c71ae98508cfb79f22213ee24aedc38a962ccb5 |
|
| Details | sha256 | 1 | 49fc4103d8747de341b9d3cd08f05c83f2e6943215df6939d02c7c3099345343 |
|
| Details | sha256 | 1 | 39dbe72ea847012243e4642d766fd4cf6fe138302cbfba67c65088b2cdefc1f4 |
|
| Details | sha256 | 1 | a16fa0a14f0d20b66af550e3cdb0b60f8ffb965415404df6cc8164e62dfbe124 |
|
| Details | sha256 | 1 | da256158ac0d7dc031b2541f9b7486d9822a402b6e9c5176c2ec2ed717592fbf |
|
| Details | MITRE ATT&CK Techniques | 409 | T1566 |