Magecart Group 4: A link with Cobalt Group? | Malwarebytes Labs
Common Information
Type Value
UUID cfb6ae69-cf97-4204-8f43-32d36357d16b
Fingerprint a2f92fdf6981eda9
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 3, 2019, midnight
Added to db Feb. 18, 2023, 12:34 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Magecart Group 4: A link with Cobalt Group?
Title Magecart Group 4: A link with Cobalt Group? | Malwarebytes Labs
Detected Hints/Tags/Attributes 61/2/91
Attributes
Details Type #Events CTI Value
Details File 1
mask.js
Details File 1
transaction.doc
Details Threat Actor Identifier - FIN 73
FIN6
Details Threat Actor Identifier - FIN 377
FIN7
Details CVE 269
cve-2017-0199