ioc[.]one - OSINT Cyber Threat Intelligence Database

Phishing Websites Disguised as Korean Groupware Login Website Being Distributed - ASEC BLOG

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Credentials - T1589.001 Email Account - T1087.003 Email Accounts - T1585.002 Email Accounts - T1586.002 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566

Show in Graph

Common Information

Type	Value
UUID	b448eb7e-7d3c-411a-8d4e-156ced063fd0
Fingerprint	899b9b130b46bece
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 14, 2022, 9:40 a.m.
Added to db	Oct. 24, 2023, 1:38 p.m.
Last updated	Sept. 4, 2024, 2:51 p.m.
Headline	Phishing Websites Disguised as Korean Groupware Login Website Being Distributed
Title	Phishing Websites Disguised as Korean Groupware Login Website Being Distributed - ASEC BLOG
Detected Hints/Tags/Attributes	15/2/17

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/en/38786/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	2		5imk2-hiaaa-aaaad-qdtoa-cai.ic.fleek.co
Details	Domain	2		55l3x-gaaaa-aaaad-qdtnq-cai.ic.fleek.co
Details	Domain	2		5tjw7-5qaaa-aaaad-qdtmq-cai.ic.fleek.co
Details	Domain	5		siasky.net
Details	Domain	2		gfyyyryrye.steep-rice-1b7d.izulink0047002.workers.dev
Details	Domain	2		dev-onaebe-all.pantheonsite.io
Details	File	8		cp.php
Details	Url	2		https://5imk2-hiaaa-aaaad-qdtoa-cai.ic.fleek.co/?#
Details	Url	2		https://55l3x-gaaaa-aaaad-qdtnq-cai.ic.fleek.co/?#
Details	Url	2		https://5tjw7-5qaaa-aaaad-qdtmq-cai.ic.fleek.co/?#
Details	Url	2		https://siasky.net/oacznpwrnbe5e1qbovnanlc5pfd4riklb0jwlvqvhk3elg?#
Details	Url	2		https://gfyyyryrye.steep-rice-1b7d.izulink0047002.workers.dev
Details	Url	2		https://dev-onaebe-all.pantheonsite.io/wp-content/cp.php
Details	Url	2		https://5imk2-hiaaa-aaaad-qdtoa-cai.ic.fleek.co/?
Details	Url	2		https://55l3x-gaaaa-aaaad-qdtnq-cai.ic.fleek.co/?
Details	Url	2		https://5tjw7-5qaaa-aaaad-qdtmq-cai.ic.fleek.co/?
Details	Url	2		https://siasky.net/oacznpwrnbe5e1qbovnanlc5pfd4riklb0jwlvqvhk3elg?