HTML Smuggling: Blob URL используются для доставки фишингового контента - SEC-1275-1
Tags
| attack-pattern: | Html Smuggling - T1027.006 Javascript - T1059.007 |
Common Information
| Type | Value |
|---|---|
| UUID | c10f588e-fb32-4236-ac9f-2d80c909e269 |
| Fingerprint | 77182a1c408f3d5a |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 25, 2024, midnight |
| Added to db | Sept. 25, 2024, 8:49 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | HTML Smuggling: Blob URL используются для доставки фишингового контента |
| Title | HTML Smuggling: Blob URL используются для доставки фишингового контента - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 9/1/14 |
Source URLs
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | pub-bbe243ba90f4462ea7249d1206164f64.r2.dev |
|
| Details | Domain | 2 | csp.wsiz.pl |
|
| Details | Domain | 2 | hyp.ekspar.com.tr |
|
| Details | Domain | 2 | www.imperauto.com.br |
|
| Details | File | 1 | wsiz.pl |
|
| Details | File | 1 | one.htm |
|
| Details | File | 3 | res.php |
|
| Details | File | 816 | index.html |
|
| Details | md5 | 2 | bbe243ba90f4462ea7249d1206164f64 |
|
| Details | Url | 2 | https://pub-bbe243ba90f4462ea7249d1206164f64.r2.dev/013a95bc-e14b-40b6-9524-762cfa05262b |
|
| Details | Url | 2 | https://csp.wsiz.pl/wp-admin/one.htm |
|
| Details | Url | 2 | https://hyp.ekspar.com.tr/class/tmp/amex-fix2/res.php |
|
| Details | Url | 2 | https://pub-bbe243ba90f4462ea7249d1206164f64.r2.dev/index.html |
|
| Details | Url | 2 | https://www.imperauto.com.br/tmp/y8z57m |