TellYouThePass Lingers On
Tags
attack-pattern: Data
Common Information
Type Value
UUID d2c83154-ccea-4f03-ae54-b93a73ce8316
Fingerprint 87d8c17111de488
Analysis status DONE
Considered CTI value 0
Text language
Published March 22, 2024, midnight
Added to db Aug. 31, 2024, 9:04 a.m.
Last updated Oct. 1, 2024, 3:40 p.m.
Headline TellYouThePass Lingers On
Title TellYouThePass Lingers On
Detected Hints/Tags/Attributes 9/1/12
Attributes
Details Type #Events CTI Value
Details CERT 360 CN 2
CERT-R-2024-757
Details Domain 3
helloworldtom.online
Details Domain 7
taobao.com
Details Domain 6
www.chanjetvip.com
Details Domain 2
csctools.kingdee.com
Details Domain 100
cert.360.cn
Details Email 3
service@helloworldtom.online
Details File 2
read_me+2 random digits.html
Details File 2
read_me6.html
Details File 3
which in turn invokes the system process mshta.exe
Details Url 2
https://www.chanjetvip.com/product/goods/https://csctools.kingdee.com
Details Url 93
https://cert.360.cn