ioc[.]one - OSINT Cyber Threat Intelligence Database

Trying to Steal Christmas (Again!) | FortiGuard Labs

Tags

country:	Chile
maec-delivery-vectors:	Watering Hole
attack-pattern:	Credentials - T1589.001 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	f8067533-9755-4c6a-9b0a-5011be1ca13e
Fingerprint	ec09995aa974ccef
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 22, 2022, 12:37 p.m.
Added to db	Dec. 23, 2022, 10:44 a.m.
Last updated	Nov. 17, 2024, 6:53 p.m.
Headline	Trying to Steal Christmas (Again!)
Title	Trying to Steal Christmas (Again!) \| FortiGuard Labs
Detected Hints/Tags/Attributes	55/3/20

Source URLs

	Redirection	Url
Details	Source	https://feeds.fortinet.com/~/722764796/0/fortinet/blog/threat-research~Trying-to-Steal-Christmas-Again
Details	Source	https://www.fortinet.com/blog/threat-research/trying-to-steal-christmas-again
Details	Source	https://www.fortinet.com/blog/threat-research/trying-to-steal-christmas-again?&web_view=true

URL Provider

Details	Provider	Source level domain
Details	fortinet.com	www.fortinet.com
Details	fortinet.com	feeds.fortinet.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	117	✔	Fortinet All Blogs	https://feeds.feedburner.com/fortinet/blogs	2024-08-30 22:08
Details	122	✔	Fortinet Threat Research Blog	https://feeds.fortinet.com/fortinet/blog/threat-research	2024-08-30 22:08
Details	163	✔	—	https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	145	api.telegram.org
Details	Domain	358	pastebin.com
Details	File	1	designs.gz
Details	File	1	designs.exe
Details	File	1	lists.gz
Details	File	1	lists.exe
Details	File	1	fkkvzetzm.exe
Details	File	533	ntdll.dll
Details	File	1	8845e90c-374f-4f68-a7a8-4bc7bad7be20.exe
Details	File	1	good_time.zip
Details	File	1	image7.jpg
Details	File	1	image6.jpg
Details	File	1	good_times.zip
Details	sha256	1	c94eac21e05336aa64ccbc1726d0a2961880627973dae4c5483aaed33150eec5
Details	sha256	1	0fcae5db73d10b022e86f7e0799073623fa5063a29054807e1f93a4016d8fc99
Details	sha256	1	1f4118f5e843334e23e325784b5c4a8249315da7211c7c69d94d7a5a60d00d84
Details	sha256	1	5e715ff174547e66f9566232bc7edccebd93ae7f99e5cd3818040c13acec36f7
Details	sha256	1	543d26c5081bdcda693c8dc3586a874319413e8e8ab762b8ad99341f37c4b3fa
Details	Url	1	https://api.telegram.org/bot5018340186
Details	Url	1	https://pastebin.com/raw/pejlufc4.