ioc[.]one - OSINT Cyber Threat Intelligence Database

Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Dynamic Dns - T1311 Dynamic Dns - T1333 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	ffdcdf78-a015-45a9-a06b-b44390f7e739
Fingerprint	e69909f5992db1e8
Analysis status	DONE
Considered CTI value	0
Text language
Published	June 5, 2015, 1:05 a.m.
Added to db	Oct. 9, 2022, 4:14 p.m.
Last updated	Sept. 1, 2024, 8:45 p.m.
Headline	Vulnerability Information
Title	Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense
Detected Hints/Tags/Attributes	63/2/62

Source URLs

	Redirection	Url
Details	Source	https://blog.talosintelligence.com/2015/06/angler-ek-more-obfuscation-fake.html

URL Provider

Details	Provider	Source level domain
Details	talosintelligence.com	blog.talosintelligence.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	m4mezjhssns.play
Details	Domain	1	schapershonden-yhteenliittymin.inspirefilms.us
Details	Domain	1	capsteads-tmenupopup.mercuryoutboardnc.com
Details	Domain	1	mfrzdzjjpi.myftp.biz
Details	Domain	1	traditionetgourmandises.fr
Details	Domain	1	convenzioni.ording.roma.it
Details	Domain	1	99mkb.com
Details	Domain	1	hostyoursitehere.com
Details	Domain	1	alpha.akesha.com
Details	Domain	1	andreiprundeanu.eu
Details	Domain	1	4042shopping.com
Details	Domain	1	redstarfuochicinesi.it
Details	Domain	1	alebehr.com
Details	Domain	1	alchemyofpresence.com
Details	Domain	1	blationmedia.com
Details	Domain	1	jeanrey.fr
Details	Domain	1	awynnejoinery.co.uk
Details	Domain	1	americanfamilyenergy.com
Details	Domain	1	bezpiecznaswinka.pl
Details	Domain	1	buroroebers.nl
Details	Domain	1	bebeamor.co.uk
Details	Domain	1	jandchousecleaning.com
Details	Domain	1	asambleadedios.org
Details	Domain	1	buhtime.by
Details	Domain	1	asadiag.com
Details	Domain	1	beijerlandsekelnerrace.nl
Details	Domain	1	atlantacustomwork.com
Details	Domain	1	braingame.biz
Details	Domain	1	doggonesigns.com
Details	Domain	1	ancientvoyages.com
Details	Domain	1	gonavarro.com
Details	Domain	1	sweetthangzdesserts.com
Details	Domain	1	brandgriffin.com
Details	Domain	1	tarifair.fr
Details	Domain	1	alsblueshelpt.nl
Details	Domain	1	7d2.c27.myftpupload.com
Details	Domain	1	autorijschoolconsistent.nl
Details	File	1	l8vz9fnajq-niieebal7h7qtel5ypvckfromubgce7soa4xt.php
Details	File	1	w1smrntbdumu9mmm2efsj-b_a8vpjjmepo98-m4mezjhssns.pl
Details	File	1	f-4c7nrgq1duqcpxkc7e9rufqmqvv-d5tyyk4xvtdmpy6ywh.vbs
Details	File	1	pyrih5apzdfl4gldzx8_vcaemfmbymxy0eqxrim8rwazisso.py
Details	File	1	bcxo-513wcihyfbchtj0jesdjdfozpc0sdyufo-sev2yu0tp.asp
Details	File	1	2uqv9igkbxfc2qcgir6k96j94pqcotf6kuidm0vozkfm21_n.cpp
Details	File	1	nm89-qft1dl3yumj-os3sqr-1j0fvpxbhf46fhklvmyckwzj.java
Details	File	1	c9nrrung8wsks480kqidbvw_rrr7hmapsuqbmnaw0zigdmrl.js
Details	File	1	0qibgtxekgtkx-n8cg8towq4m49ph6fhkxprckq3cay_06vy.pl
Details	File	1	b8wpbgzjnepngvaz2zq7plhks1t_n4tgrqzlzwjaguraon_0.cpp
Details	File	1	6gayyn99jascopnnn9vxcuh403etgcntiddvwb0bs9ruyztl.js
Details	File	1	ee3m7b8dd1mferqp3nlbywqflv6mriunlhktxmkiv3fmugce.java
Details	File	1	grdelu0g6owixkoqjlruoaixa80ioqx-5_ki2gqtbzed7kie.js
Details	File	1	d4fdogd1mzck36mktp6tdutrq_jnhwqdusgmgf5m0l7m1tsn.java
Details	File	1	9xjus2vu29qnbdaqhh_qu0jeove__dtrzgovrxg3wdpz1ewe.cpp
Details	File	1	1rk4kgr_ozlnhqxkbdbp_gmbyhibjq5027go83vayaefxk4c.py
Details	File	1	i1piqrtfnimqzhsfwu1jbmqfccujcvews9sdmhznqibvfi_p.vb
Details	File	1	bezpiecznaswinka.pl
Details	sha256	1	28f6b5f344f7d2bef75b30ba2e286ddff3d3a2009da1d01d7e30e21feecfde34
Details	sha256	1	023de93e9d686bf6a1f80ad68bde4f94c5100b534f95285c1582fb8b8be8d31f
Details	IPv4	1	194.6.233.7
Details	IPv4	1	78.46.250.103
Details	IPv4	1	94.131.14.23
Details	IPv4	1	94.242.198.221
Details	IPv4	1	173.227.247.35