ioc[.]one - OSINT Cyber Threat Intelligence Database

Injecting Deception Mid-Pandemic: Covid-19 Vaccine Related Threats

Tags

country:	Canada Chile China Netherlands Germany France Israel Italy Spain Mexico Portugal United Kingdom United States Of America
maec-delivery-vectors:	Watering Hole
attack-pattern:	Artificial Intelligence - T1588.007 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Search Engines - T1593.002 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Tool - T1588.002

Show in Graph

Common Information

Type	Value
UUID	ec8c06e8-0905-4d21-af7a-3ed13f0682e9
Fingerprint	8a04a9738d3326d9
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 31, 2021, midnight
Added to db	Oct. 15, 2024, 5:47 p.m.
Last updated	Nov. 17, 2024, 6:31 p.m.
Headline	Injecting Deception Mid-Pandemic: Covid-19 Vaccine Related Threats
Title	Injecting Deception Mid-Pandemic: Covid-19 Vaccine Related Threats
Detected Hints/Tags/Attributes	118/3/78

Source URLs

	Redirection	Url
Details	Source	https://www.trendmicro.com/en_ca/research/21/c/injecting-deception-covid-19-vaccine-related-threats.html

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	backdoor.win32.zebrocy.ad
Details	Domain	3	support-cloud.life
Details	Domain	1	vacunacion.elchopo.mx
Details	Domain	1	dinero-vacunacion.elchopo.mx
Details	Domain	1	xn--vacunacin-d7a.elchopo.mx
Details	Domain	1	infra-medica.com
Details	Domain	2	vaccine-coronavirus.com
Details	Domain	1	deltaexpressairline.com
Details	Domain	1	backdoor.msil.remcos.sm
Details	Domain	2	ip-160-153-254-152.ip.secureserver.net
Details	Domain	2	ip-160-153-254-254.ip.secureserver.net
Details	Domain	2	ip-160-153-246-67.ip.secureserver.net
Details	Domain	1	ip-107-180-73-44.ip.secureserver.net
Details	Domain	1	covidsgaonvjnd6z.onion
Details	Domain	396	protonmail.com
Details	Email	1	darknetmarket1@protonmail.com
Details	Email	1	cvdntdrs@protonmail.com
Details	Email	1	orders@vaccine-coronavirus.com
Details	File	1	reporting.doc
Details	File	10	information.doc
Details	File	1	nq29526013i_covid-19_sars-cov-2.doc
Details	File	6	covid-19.doc
Details	File	1	vaccine.arj
Details	File	1	samples.arj
Details	File	1	_pdf.rar
Details	File	19	trojan.html
Details	File	1	xlxs.iso
Details	File	1	confidential.docm
Details	File	2	vaccine.exe
Details	File	3	_pdf.exe
Details	File	1	vaccine.pdf
Details	File	2	xlxs.exe
Details	File	1	cases_and_new_vaccine.doc
Details	File	26	backdoor.msi
Details	File	1	summary.exe
Details	File	41	sample.exe
Details	File	1	vaccine-register.apk
Details	File	2	paper-covid-19-vaccine-strategy.pdf
Details	File	1	test-result.exe
Details	File	1	vacuna-covid.exe
Details	File	1	vacuna_covid19_chile.apk
Details	File	1	samples.xlsx
Details	File	1	vaccine.gz
Details	File	1	covid-19vaccine_.exe
Details	File	1	corona-virus_28c_arj.bin
Details	File	1	parcel.php
Details	sha256	1	56d85a979245364288d1814d5c45a8acf653c5da47d2eefe8f60f7b7de194e9c
Details	sha256	1	69ae4cd1cbb84c2144408975682f1f24229d8d5a1988b12fff18fd0472cffffb
Details	sha256	1	64f61dd41ec3a411e647f6371b8500666db3c96cc57a8cb0c16d47cceaf12aa9
Details	sha256	1	041320839c8485e8dcbdf8ad7f2363f71a9609ce10a7212c52b6ada033c82bc5
Details	sha256	1	cbf5be2bd3f2d0d5bc495228c034d303d728c11b6bbf58cdcf313c6bf7321321
Details	sha256	1	8a020281d5b475372fcf518c8f4a6b913b3a855c458996a9d7b525062ad736ec
Details	sha256	1	56a4523b72aef34982a90a480c17386862d4788c0501b9982d798d43c860cc6c
Details	sha256	1	eecb7b15a90df049ba18e11ebe23ca8fa83900d11f6154807da5bb07314f255d
Details	sha256	2	43c222eea7f1e367757e587b13bf17019f29bd61c07d20cbee14c4d66d43a71f
Details	sha256	1	a88612acfb81cf09772f6bc9d0dccca8c8d5569ea73148e1e6d1fe0381fe5aec
Details	sha256	1	e17f4fc412f2d30169c6da41687bebbbdb390969a38458143c11474a08afec50
Details	sha256	1	b6087bb0059e7e8d33e2d34a48e3f1db439e01fcd8856e7159428e9562df7067
Details	sha256	1	76888b745714b1d0db8cd883eaac756c560b052462cae240c3917c441c07d611
Details	sha256	1	6d0e370da27f452ed7b21d468d607eb3b938cc798ec563209ce6f67e752963b7
Details	sha256	1	158af91147262440a1f8356d1f8f9cba48b168b97924bea50440d67c679c6c6d
Details	sha256	1	b6162314e5f6edda9b033494a8dc5116cf831456815825949d1f59a5651d40f3
Details	sha256	1	e6be29fa3a68946d8e2239ad60d37b900ddf58cb2c63245dda916f560c081679
Details	sha256	1	a08c6a65851bfe6b9c33d42c54d64869293f6119f9dd94cc060c8233e647568a
Details	sha256	2	00c60593dfdc9bbb8b345404586dcf7197c06c7a92dad72dde2808c8cc66c6fe
Details	sha256	1	bfbada8b0ecc1f711dd4869c7fc97f658b88dc497a415a2e912eff9245fe9c9b
Details	sha256	1	b9bff597e8376ad448c493f4b7eb3e3c500c60528834b3b4a46a1493e3a56694
Details	sha256	1	2b4d07dc6df290801e6dec29d4cd0649d52f0c001a171604cf374c84f57c63a2
Details	sha256	1	052e19392c73c979c31554983a4aed5589c4ece553083dddfb4fe14ee55c440a
Details	sha256	1	2cf2568dad46a638b8e4d86aa46f4cd279511dba9900286e22aeaefc39189a88
Details	sha256	1	76299e863b71caed1b9950d904d1b52a8174b9077c9d4bc896276881caa46fad
Details	sha256	1	bbb0f2855d1444cae835700f58acb51b6a6fd2f48046e94850982753cb4a7268
Details	sha256	1	7e765af2d1bf7c139df8fb2bb5eef1268b3cf356f7192f4f221c42104fad2a89
Details	sha256	3	f36a0ee7f4ec23765bb28fbfa734e402042278864e246a54b8c4db6f58275662
Details	sha256	1	fc2cc8b7cf51f41d40121d63c21c9ae1af4f8f6126b582ace5ed4a5c702b31c3
Details	IPv4	1	64.22.104.14
Details	Url	1	http://t.me/darkwebvendor
Details	Url	1	http://t.me/buy_covid_19_vaccines