otx.alienvault.com
99.86.7.79
Public Scan
URL: https://otx.alienvault.com/pulse/623d76297b2f9f69cbfdf151
Submission: On March 25 via api from US — Scanned from DE
Form analysis
0 forms found in the DOM
Text Content
BAD ACTORS TRYING TO CAPITALIZE ON CURRENT EVENTS VIA SHAMELESS EMAIL SCAMS

Created 36 minutes ago by AlienVault
Public
TLP: White
Subscribers: 180527

Malicious email and phishing scams are usually topical and follow a pattern of current events. They are usually crafted around calendar and/or trending issues as attackers realize that victims are interested in all things relevant to the moment. Threat actors are aware that not all recipients will bite, but some will, hence the origination of the term “phishing.”

Reference: https://www.fortinet.com/blog/threat-research/bad-actors-capitalize-current-events-email-scams
Tags: emotet, ukraine, email phishing, geopolitical conflict, office macros
Industries: Political, Defense, Government
Targeted Countries: Ukraine, United States of America, Japan
Malware Family: Emotet
Att&ck IDs: T1566 - Phishing, T1114 - Email Collection, T1176 - Browser Extensions, T1102 - Web Service, T1569 - System Services, T1137 - Office Application Startup, T1027 - Obfuscated Files or Information, T1193 - Spearphishing Attachment
Indicators of Compromise (37), Related Pulses (6), Comments (0), History (0)

Types of indicators: URL (6), Hostname (1), FileHash-MD5 (5), email (1), FileHash-SHA1 (5), FileHash-SHA256 (19)

© Copyright 2022 AlienVault, Inc.