Resurgence of the Feodo banking Trojan on a government network | Darktrace Blog
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Model Models Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002
Show in Graph
Common Information
Type Value
UUID e4191f5c-103a-4e43-ad25-0ff20cfd537c
Fingerprint a7912111a933d68b
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 1, 2017, midnight
Added to db Aug. 13, 2023, 1:35 a.m.
Last updated Oct. 16, 2024, 2:03 a.m.
Headline Resurgence of the Feodo banking Trojan on a government network
Title Resurgence of the Feodo banking Trojan on a government network | Darktrace Blog
Detected Hints/Tags/Attributes 100/2/26
Source URLs
Redirection Url
Details Source https://darktrace.com/blog/resurgence-of-the-feodo-banking-trojan-on-a-government-network
URL Provider
Details Provider Source level domain
Details darktrace.com darktrace.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 101 https://de.darktrace.com/blog/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 1 
euwtrdjuee.biz
Details Domain 1 
fedex-track-tracknumbers-133977976498-language-en.zip
Details Domain 1 
hd12530.mi.saltedhaze.org
Details Domain 1 
rbqfkjjemttqumeobxb.org
Details Domain 1 
tmmiqtsdnkjdcqr.biz
Details Domain 1 
dc1-2012.mi.saltedhaze.org
Details Domain 1 
mehqdlodsgggehchxdwfsmmoq.biz
Details Domain 76 
ipfs.io
Details Domain 58 
image.thum.io
Details Domain 58 
logo.clearbit.com
Details Domain 58 
mku.ipfs.dweb.link
Details Domain 58 
filebase.com
Details File 1 
fedex-track-tracknumbers-133977976498-language-en.zip
Details File 1 
tptzfqa.exe
Details File 58 
ob.html
Details File 58 
atob.html
Details File 58 
cpmk.htm
Details IPv4 1 
172.16.14.39
Details IPv4 2 
76.164.161.46
Details IPv4 1 
89.38.128.232
Details IPv4 1 
172.16.10.41
Details Url 1 
http://xx.ro/ups__ship__notification__tracking__number__2sm099383266006810/y0894c/fedex-track/track-tracknumbers-673639733202
Details Url 58 
https://ipfs.io/ipfs/qmfddxlwoliqfurx6duzcshxvbp1znm21h5jxgs1ffnxtp?filename=at
Details Url 58 
https://ipfs.io/ipfs/qmfddxlwoli
Details Url 58 
https://filebase.com/blog/ipfs-content-addressing-explained
Details Url 58 
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/the-attack-of-the-chameleon-phishing-page