Credential Phishing Pages Mimicking Legitimate Webmail Login Portals - CTI Grapevine
Tags
| country: | Bangladesh China Sri Lanka Nepal India |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Phishing - T1660 Phishing - T1566 |
Common Information
| Type | Value |
|---|---|
| UUID | e668dfe2-f232-418d-a374-48f9e18d02ac |
| Fingerprint | fa818d93830ace4c |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 16, 2024, 1:05 p.m. |
| Added to db | Sept. 18, 2024, 3:47 p.m. |
| Last updated | Sept. 20, 2024, 2:51 p.m. |
| Headline | Credential Phishing Pages Mimicking Legitimate Webmail Login Portals |
| Title | Credential Phishing Pages Mimicking Legitimate Webmail Login Portals - CTI Grapevine |
| Detected Hints/Tags/Attributes | 27/3/22 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | nepal-mofa.com |
|
| Details | Domain | 2 | never-giveup.mail-downloadfiles.com |
|
| Details | Domain | 2 | large-files-d0wnl0ad-session-expired.netlify.app |
|
| Details | Domain | 1 | navy.lk.mails-gov.com |
|
| Details | Domain | 1 | mailbox-owa-bd.com |
|
| Details | Domain | 1 | mod.gov.cn.inviation.mail-files-open-preview.com |
|
| Details | Domain | 1 | all-files.mail-sessionexpired.com |
|
| Details | Domain | 1 | mail-sessionexpired.com |
|
| Details | Domain | 1 | preview-files-login.mail-sessionexpired.com |
|
| Details | Domain | 1 | proposal-pdf-login.mail-sessionexpired.com |
|
| Details | Domain | 1 | securitychallenge-cetci.mail-sessionexpired.com |
|
| Details | Domain | 1 | alitcn.mail-files-open-preview.com |
|
| Details | Domain | 1 | app-all.mail-files-open-preview.com |
|
| Details | Domain | 1 | attachments-secure-check.mail-files-open-preview.com |
|
| Details | Domain | 1 | coremail-downloads.mail-files-open-preview.com |
|
| Details | Domain | 1 | coremail-files-downloads.mail-files-open-preview.com |
|
| Details | Domain | 1 | download-all.mail-files-open-preview.com |
|
| Details | Domain | 1 | download-attachments.mail-files-open-preview.com |
|
| Details | Domain | 1 | mail-files-open-preview.com |
|
| Details | Domain | 1 | netease-secure.mail-files-open-preview.com |
|
| Details | Domain | 1 | pla-navy-seecure-drive.mail-files-open-preview.com |
|
| Details | IPv4 | 2 | 65.21.85.206 |