RIG exploit kit returns, with modified pattern and free generated “freenom” domains
Tags
attack-pattern: Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID b4cf6858-5907-40ec-a64b-3acf9a809c83
Fingerprint e3a5091546b3caf0
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 26, 2017, 8:20 p.m.
Added to db Feb. 18, 2023, 1:18 a.m.
Last updated Sept. 1, 2024, 5:52 p.m.
Headline RIG exploit kit returns, with modified pattern and free generated “freenom” domains
Title RIG exploit kit returns, with modified pattern and free generated “freenom” domains
Detected Hints/Tags/Attributes 35/1/9
Source URLs
Redirection Url
Details Source http://blog.morphisec.com/rig-exploit-kit-returns
Details Source https://blog.morphisec.com/rig-exploit-kit-returns
URL Provider
Details Provider Source level domain
Details morphisec.com blog.morphisec.com
Attributes
Details Type #Events CTI Value
Details Domain 3 
freenom.com
Details Domain 1 
camp200917.gq
Details Domain 1 
camp200917.ml
Details Domain 1 
camp200917.tk
Details Domain 1 
camp200917.cf
Details Domain 1 
camp200917.ga
Details sha256 1 
4cad28b1f8b20f75df5e93eff725de093c4a6b660b5faf84938214cfad131e89
Details IPv4 1 
5.23.49.9
Details IPv4 1 
92.53.104.143