E-mail trojan attack on Booking.com and online auction website Allegro.pl clients
Tags
| country: | Poland |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Visual Basic - T1059.005 Tool - T1588.002 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | d3a049d4-0c7d-430b-867c-b908277b365c |
| Fingerprint | ac200d1901ff20d1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 25, 2014, midnight |
| Added to db | Nov. 20, 2023, 1:05 a.m. |
| Last updated | Nov. 4, 2024, 1:09 p.m. |
| Headline | Social media |
| Title | E-mail trojan attack on Booking.com and online auction website Allegro.pl clients |
| Detected Hints/Tags/Attributes | 37/3/12 |
Source URLs
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | cert.pl | cert.pl |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 81 | ✔ | CERT Polska | https://cert.pl/en/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 87 | booking.com |
|
| Details | Domain | 4 | allegro.pl |
|
| Details | Domain | 2 | home.pl |
|
| Details | File | 4 | allegro.pl |
|
| Details | File | 3 | home.pl |
|
| Details | File | 1 | lxottx.exe |
|
| Details | File | 1 | packed_vb.exe |
|
| Details | File | 1 | unpacked_vb.exe |
|
| Details | File | 2 | msupdate64.exe |
|
| Details | md5 | 1 | 75e1d7d18b37a47f384bcf4ed05ebfd6 |
|
| Details | md5 | 1 | 2848a1de20c661db6aa2b8ed63984382 |
|
| Details | md5 | 1 | b13b56a75658fc7e64bf8ceadc0cca0b |