The Eye on the Nile - Check Point Research
Tags
| country: | Egypt Argentina Qatar Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Whois - T1596.002 |
Common Information
| Type | Value |
|---|---|
| UUID | b1d025f6-cf16-4931-be30-a0d2202cc314 |
| Fingerprint | d40098db03276eb5 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 3, 2019, 8:19 a.m. |
| Added to db | Jan. 18, 2023, 10:16 p.m. |
| Last updated | Nov. 17, 2024, 11:36 p.m. |
| Headline | The Eye on the Nile |
| Title | The Eye on the Nile - Check Point Research |
| Detected Hints/Tags/Attributes | 77/3/40 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://research.checkpoint.com/the-eye-on-the-nile/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | maillogin.live |
|
| Details | Domain | 1 | drivebackup.co |
|
| Details | Domain | 1 | facebook.com.drivebackup.co |
|
| Details | Domain | 1175 | gmail.com |
|
| Details | Domain | 1 | indexy.org |
|
| Details | Domain | 1 | account-login.site |
|
| Details | Domain | 1 | adminmail.online |
|
| Details | Domain | 1 | el7rkaelsha3bea.ddns.net |
|
| Details | Domain | 1 | arabindex.info |
|
| Details | Domain | 1 | indexmasr.com |
|
| Details | Domain | 1 | servegates.com |
|
| Details | Domain | 1 | servergates.com |
|
| Details | Domain | 1 | txtips.com |
|
| Details | Domain | 1 | weblogin.live |
|
| Details | Domain | 1 | mailsecure.live |
|
| Details | File | 1 | capture.php |
|
| Details | File | 1 | copy_num_hn1515242134_of_عربى.xlsx |
|
| Details | File | 1 | devd.log |
|
| Details | File | 4 | v1.apk |
|
| Details | File | 1 | trackgroup.html |
|
| Details | File | 44 | logo.png |
|
| Details | File | 1 | logo_ifish.png |
|
| Details | File | 7 | whatsapp.apk |
|
| Details | sha1 | 1 | 51d941f1847c5793520cb1aaf6a252537285b2ea |
|
| Details | sha1 | 1 | 97da044a2e0f68d59c330c13fdbe1fcf1eaff84b |
|
| Details | sha1 | 1 | 12db07f5de95e19e89e36e1060b92cb0cec6d0eb |
|
| Details | sha1 | 1 | bde906c17ede824b2e058c9ace4bf4977b9f4def |
|
| Details | sha1 | 1 | 140b1f2234c41749f39396410b1928cd35ea2825 |
|
| Details | sha1 | 1 | a175eb00445e5cdf1721f155924751c76a6d8998 |
|
| Details | sha1 | 1 | 2902e80da79dec57e6b709c59e1a223545ad2e9e |
|
| Details | sha1 | 1 | 9fc4bb8957f6a42b3dcd81f6741f2cadd5a85d19 |
|
| Details | sha1 | 1 | d94cb693d95bdabb285a47b8ee372695bad69a85 |
|
| Details | sha1 | 1 | fb2c4e752de0a1fa4c7f573f02a1f3fd0f0d5a9c |
|
| Details | sha1 | 1 | 47a19941b16bd3e37f37c34c76828d4936beed90 |
|
| Details | sha1 | 1 | 4073ae8613739cd96692e5811c03c1df3d231dd9 |
|
| Details | sha1 | 1 | e90f52a6e57f4117b75ed2a7aac55d4903f3687e |
|
| Details | sha1 | 1 | 36f2297592414ca454d7f702669ce52f900ef235 |
|
| Details | sha1 | 1 | 95803f91cc12cbee2c6f8881a889c8ce3b541792 |
|
| Details | IPv4 | 1 | 185.125.228.0 |
|
| Details | IPv4 | 1 | 185.125.130.195 |