Threat Source newsletter (Feb. 25, 2021)
Common Information
UUID: ee93ede1-d9c7-4489-95a4-061fff19ebba
Fingerprint: ed800d8ac387d321
Analysis status: DONE
Considered CTI value: 2
Text language:
Published: Feb. 25, 2021, 2 p.m.
Added to db: Oct. 9, 2022, 4:19 p.m.
Last updated: Nov. 17, 2024, 6:55 p.m.
Headline: Vulnerability Information
Title: Threat Source newsletter (Feb. 25, 2021)
Detected Hints/Tags/Attributes: 62/3/14
Attributes
Details Type #Events CTI Value
Details Domain 31
5a5226262.auto
Details Domain 127
pua.win
Details File 28
ww31.exe
Details File 16
flashhelperservice.exe
Details File 1122
svchost.exe
Details File 41
santivirusservice.exe
Details Github username 15
cisco-talos
Details Threat Actor Identifier - APT 166
APT31
Details Url 1
https://github.com/cisco-talos/osquery_queries/blob/master/win_forensics/potential_compiled_html_abuse.yaml