ioc[.]one - OSINT Cyber Threat Intelligence Database

A Measure of Motive: How Attackers Weaponize Digital Analytics Tools | Google Cloud Blog

Tags

cmtmf-attack-pattern:	Masquerading
country:	United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Link Target - T1608.005 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Sms Messages - T1636.004 Social Media - T1593.001 Software - T1592.002 System Checks - T1633.001 System Location Discovery - T1614 Tool - T1588.002 Connection Proxy - T1090 Masquerading - T1036 Powershell - T1086 Masquerading

Show in Graph

Common Information

Type	Value
UUID	d7aa87f1-7967-4b24-ba34-197f587c4147
Fingerprint	ac318b9928278fe9
Analysis status	DONE
Considered CTI value	2
Text language
Published	Aug. 30, 2024, midnight
Added to db	Aug. 31, 2024, 10:12 a.m.
Last updated	Nov. 17, 2024, 6:30 p.m.
Headline	A Measure of Motive: How Attackers Weaponize Digital Analytics Tools
Title	A Measure of Motive: How Attackers Weaponize Digital Analytics Tools \| Google Cloud Blog
Detected Hints/Tags/Attributes	111/4/33

Source URLs

	Redirection	Url
Details	Source	https://cloud.google.com/blog/topics/threat-intelligence/how-attackers-weaponize-digital-analytics-tools/
Details	Source	https://cloud.google.com/blog/topics/threat-intelligence/how-attackers-weaponize-digital-analytics-tools

URL Provider

Details	Provider	Source level domain
Details	google.com	cloud.google.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	330	✔	Threat Intelligence	https://www.mandiant.com/resources/blog/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	317	bit.ly
Details	Domain	10	rb.gy
Details	Domain	80	goo.gl
Details	Domain	1	ma.sk
Details	Domain	2	ip2location.io
Details	Domain	1	api.ip2location.io
Details	Domain	454	www.google.com
Details	Domain	768	www.youtube.com
Details	Domain	4	blackhatworld.com
Details	Domain	3	ktgotit.com
Details	Domain	6	advanced-ip-scanner.com
Details	Domain	4	aadvanced-ip-scanner.com
Details	Domain	4	britanniaeat.com
Details	File	1	'error.html
Details	File	1	'evilpage.html
Details	File	1	'nothingburger.html
Details	File	1	c:\temp\out.tmp
Details	File	4	api.js
Details	File	45	1.zip
Details	md5	4	5310d6b73d19592860e81e4e3a5459eb
Details	IPv4	4	3.5.2.1
Details	Mandiant Uncategorized Groups	3	UNC1189
Details	Mandiant Uncategorized Groups	1	UNC5296
Details	MITRE ATT&CK Techniques	17	T1608.005
Details	MITRE ATT&CK Techniques	50	T1614
Details	MITRE ATT&CK Techniques	6	T1633.001
Details	MITRE ATT&CK Techniques	22	T1583.008
Details	Threat Actor Identifier - FIN	127	FIN11
Details	Url	1	https://api.ip2location.io/?key=
Details	Url	1	https://www.google.com/recaptcha/api.js
Details	Url	5	https://www.youtube.com/watch?v=dqw4w9wgxcq
Details	Url	3	https://aadvanced-ip-scanner.com
Details	Url	3	https://britanniaeat.com/wp-includes/advanced_ip_scanner_v.3.5.2.1.zip