ioc[.]one - OSINT Cyber Threat Intelligence Database

Investigating NATO-Themed Phishing Lures With EclecticIQ Intelligence Center and Endpoint Response Tool

Tags

country:	Belgium Netherlands France Luxembourg Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Regsvr32 - T1218.010 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Regsvr32 - T1117

Show in Graph

Common Information

Type	Value
UUID	bcbd1224-c976-4a07-8d6c-36fb5530aaff
Fingerprint	f94b98ded13ab80
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 22, 2022, midnight
Added to db	Jan. 16, 2023, 3:54 p.m.
Last updated	Nov. 16, 2024, 8:06 p.m.
Headline	Investigating NATO-Themed Phishing Lures With EclecticIQ Intelligence Center and Endpoint Response Tool
Title	Investigating NATO-Themed Phishing Lures With EclecticIQ Intelligence Center and Endpoint Response Tool
Detected Hints/Tags/Attributes	66/3/28

Source URLs

	Redirection	Url
Details	Source	https://blog.eclecticiq.com/investigating-nato-themed-phishing-lures-with-eclecticiq-intelligence-center-and-endpoint-response-tool

URL Provider

Details	Provider	Source level domain
Details	eclecticiq.com	blog.eclecticiq.com

Attributes

Details	Type	#Events	Value
Details	CVE	102	cve-2021-40444
Details	Domain	1	taisunwin.club
Details	Domain	1	sunvn.vin
Details	Domain	12	llnwi.net
Details	Domain	49	eclecticiq.com
Details	Domain	18	cti.eclecticiq.com
Details	Domain	2	www.brusselstimes.com
Details	Domain	99	therecord.media
Details	Domain	6	nltimes.nl
Details	Email	47	research@eclecticiq.com
Details	File	1	plant.docx
Details	File	1	surrendered.docx
Details	File	2	ukraine.docx
Details	md5	1	6346968714483ec737c6142b320ac98d
Details	sha256	1	27c933377f35879466d252b1cc2fc3a1474445faa0ea54c5bbbc16e62884abdc
Details	sha256	1	a5926d0f35e5622a41776d75488f6e29f76261e61c124359327169a6674539e1
Details	sha256	1	9a1c120455b2f9c6b0590ee0715876f9c37c52bd519c6b57594240c91ba2a40b
Details	sha256	1	dbb86b8c7b41e9dd7b66d970b08e4949e94b90977d2cb432760cff269dd24098
Details	sha256	1	3025d6dc44ce763b4f6a8b129bd98fafa69841477ad584eee7b74fc5e6cda83c
Details	sha256	1	a23c30235bd7f138b6b681b4b285365503d50e10c7cf6a4ebc9a82186439563a
Details	sha256	1	55f2000d71028725996d7edc2c847e103e3bbb8eea3da9220e396e2199d2d2c4
Details	sha256	1	1805efeb87b87dee38314c8c4e6b6b00f5d0c5e5d750bda26ed7e7f58a4bd4d4
Details	Url	5	https://cti.eclecticiq.com/taxii/discovery
Details	Url	1	https://www.brusselstimes.com/86197/reports-of-cyberattack-against-belgium-nearly-tripled-in-2019
Details	Url	1	https://therecord.media/city-of-liege-belgium-hit-by-ransomware
Details	Url	1	https://nltimes.nl/2021/10/07/vdl-manufacturing-severely-affected-cyber-attack
Details	Url	1	https://nltimes.nl/2021/02/27/secondary-school-pays-ransom-hit-cyber-attack
Details	Url	1	https://nltimes.nl/2020/01/24/maastricht-univ-paid-eu250k-ransomware-hackers-report