HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content
Tags
country: Australia Singapore
maec-delivery-vectors: Watering Hole
attack-pattern: Data Html Smuggling - T1027.006 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID da8d8d1d-1b15-403d-9d29-d3840062977a
Fingerprint 8430891a38853f8f
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 24, 2024, 1 p.m.
Added to db Sept. 24, 2024, 3:10 p.m.
Last updated Oct. 14, 2024, 11:05 a.m.
Headline HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content
Title HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content
Detected Hints/Tags/Attributes 41/3/11
Source URLs
Redirection Url
Details Source https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/html-smuggling-how-blob-urls-are-abused-to-deliver-phishing-content/
URL Provider
Details Provider Source level domain
Details trustwave.com www.trustwave.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 386 SpiderLabs Blog https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2 
www.imperauto.com.br
Details Domain 2 
csp.wsiz.pl
Details Domain 2 
pub-bbe243ba90f4462ea7249d1206164f64.r2.dev
Details Domain 2 
hyp.ekspar.com.tr
Details File 7 
window.url
Details md5 2 
bbe243ba90f4462ea7249d1206164f64
Details Url 2 
https://www.imperauto.com.br/tmp/y8z57m
Details Url 2 
https://csp.wsiz.pl/wp-admin/one.htm
Details Url 2 
https://pub-bbe243ba90f4462ea7249d1206164f64.r2.dev/index.html
Details Url 2 
https://pub-bbe243ba90f4462ea7249d1206164f64.r2.dev/013a95bc-e14b-40b6-9524-762cfa05262b
Details Url 2 
https://hyp.ekspar.com.tr/class/tmp/amex-fix2/res.php