ioc[.]one - OSINT Cyber Threat Intelligence Database

Domain Shadowing Goes Nuclear: A Story in Failed Sophistication

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Javascript - T1059.007 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002

Show in Graph

Common Information

Type	Value
UUID	ec2f0c22-aa4f-4827-ad0f-85bc3c02c3e7
Fingerprint	a60409f7e90d99c9
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 16, 2015, 5:57 a.m.
Added to db	Oct. 9, 2022, 4:14 p.m.
Last updated	Nov. 18, 2024, 11:23 a.m.
Headline	Vulnerability Information
Title	Domain Shadowing Goes Nuclear: A Story in Failed Sophistication
Detected Hints/Tags/Attributes	60/2/20

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2015/06/domain-shadowing-goes-nuclear-story-in.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	gdejebablo.gq
Details	Domain	1	mdfct6lfx8hccp56knyxlxj.sirabul.org
Details	Domain	1	9o4axaj9js0g8gyullv25mg.sirabul.org
Details	Domain	1	okwvky9tf9e68r7c6dk02tf.sirabul.org
Details	Domain	1	pongshirtstore.com
Details	Domain	27	www.google.co.uk
Details	File	1	eatcraefvvtac1xufvshv10tulkeuaejduwfx1jnf1fawvywcbzcxua.html
Details	File	1207	index.php
Details	File	3	watch.php
Details	File	1	uwvasu4ctf9cr0rcsqldvgtsbghfb1ebvfshakzrhkneqlnvrvwzx0bq.html
Details	File	1	menu_packed.js
Details	IPv4	1	159.8.203.105
Details	IPv4	1	96.127.159.150
Details	IPv4	1	146.120.89.50
Details	IPv4	1	41.77.114.188
Details	IPv4	1	198.20.86.78
Details	IPv4	1	67.212.169.38
Details	IPv4	1	103.14.97.201
Details	IPv4	1	108.178.62.148
Details	Url	1	http://pongshirtstore.com