Threat actors pose as Indian govt. to spread malware laced COVID email attachments | Threat Intelligence | CloudSEK
Tags
country: | India |
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 |
Common Information
Type | Value |
---|---|
UUID | d2112c9b-be5f-4d8f-82cf-f95387a6a47c |
Fingerprint | a49c2f1bcff2cf89 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | April 29, 2020, midnight |
Added to db | Aug. 31, 2024, 2:30 a.m. |
Last updated | Dec. 19, 2024, 8:23 p.m. |
Headline | Threat actors pose as Indian govt. to spread malware laced COVID email attachments |
Title | Threat actors pose as Indian govt. to spread malware laced COVID email attachments | Threat Intelligence | CloudSEK |
Detected Hints/Tags/Attributes | 21/3/7 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 89 | ✔ | CloudSEK Threat Intelligence | https://cloudsek.com/threatintelligence/rss.xml | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 7 | email.gov.in.maildrive.email |
|
Details | File | 1 | coronavirus_action_plan.docx |
|
Details | sha256 | 3 | 0ee399769a6e6e6d444a819ff0ca564ae584760baba93eff766926b1effe0010 |
|
Details | sha256 | 3 | b67d764c981a298fa2bb14ca7faffc68ec30ad34380ad8a92911b2350104e748 |
|
Details | IPv4 | 7 | 107.175.64.209 |
|
Details | IPv4 | 3 | 64.188.25.205 |
|
Details | Threat Actor Identifier - APT | 132 | APT36 |