Rewterz Threat Alert – Crafted ZIP Files Bypass Secure Email Gateways to Drop Nanocore - Rewterz
Tags
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Data Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 |
Common Information
Type | Value |
---|---|
UUID | b70558f3-9e15-4d63-8c2d-69c1a897ae95 |
Fingerprint | a994e67b2e9dce08 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Nov. 7, 2019, 4:10 p.m. |
Added to db | Dec. 19, 2024, 8:03 p.m. |
Last updated | Dec. 19, 2024, 8:04 p.m. |
Headline | Rewterz Threat Alert – Crafted ZIP Files Bypass Secure Email Gateways to Drop Nanocore |
Title | Rewterz Threat Alert – Crafted ZIP Files Bypass Secure Email Gateways to Drop Nanocore - Rewterz |
Detected Hints/Tags/Attributes | 28/2/11 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 1 | order.jpg |
|
Details | File | 1 | shipping_mx00034900_pl_inv_pdf.exe |
|
Details | File | 1 | shipping_mx00034900_pl_inv_pdf.zip |
|
Details | md5 | 1 | 5e67dc41d0826d86ff6eb5fa03fcd836 |
|
Details | md5 | 1 | 7f8b1f146b1495fe8d81952b06c0b45b |
|
Details | sha1 | 2 | 9474e1517c98d4165300a49612888d16643efbf6 |
|
Details | sha1 | 2 | 06b80f9a0fba1d830dcf2ecf225ed1d19060589a |
|
Details | sha256 | 1 | e90b970c5e5ddf821d6f9f4d7d710d6dc01d59b517e8fb39da726803dc52b5ad |
|
Details | sha256 | 1 | 91d539af85599fda3fb2fb023866b72d64adc2bb95f6153e655cc844564de02e |
|
Details | IPv4 | 2 | 194.5.98.85 |
|
Details | IPv4 | 15 | 1.2.2.0 |