WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - Sekoia.io Blog
Sept. 19, 2024, 8:37 p.m.
Description
Date
| Published | Created | Modified |
|---|---|---|
| Sept. 19, 2024, 7:34 p.m. | Sept. 19, 2024, 7:34 p.m. | Sept. 19, 2024, 8:37 p.m. |
Indicators
http://94.156.64.74/Downloads/SecretTeachings.pdf.lnk
http://91.92.251.35/Downloads/solaris-docs.lnk
http://92.118.112.253/Downloads/releaseform.pdf.lnk
http://91.92.243.198:81/Downloads/test.lnk
http://89.23.107.67/Downloads/2023-Documents%20Shared.lnk
http://89.23.107.244/Downloads/Test.lnk
http://62.133.61.73/Downloads/Photo.lnk
http://89.23.103.56/Downloads/Videof/Full%20Video%20HD%20%281080p%29.lnk
http://62.133.61.37/Downloads/config.txt.lnk
http://62.133.61.104/Downloads/test.pdf.lnk
http://62.133.61.101/Downloads/Invoice.pdf.lnk
http://206.188.196.28/Downloads/example.lnk
http://147.45.50.57/Downloads/INVOICE%20340138551.pdf.lnk
http://151.236.17.180/Wire%20Confirmation/WireConfirmation.pdf.lnk
http://147.45.79.82/Downloads/qqeng.pdf.lnk
http://147.45.50.214/Downloads/demo.pdf.lnk
Attack Patterns
Deer Stealer
Stealit
SelfAU3
ACR Stealer
Meduza Stealer
CRYPTBOT
DanaBot
DarkGate
Remcos
Lumma
Xworm
Redline
GuLoader
Amadey
zgRAT
AsyncRAT
T1199
T1218
T1027
Additional Informations
Gaming
Cryptocurrency
Technology
Media
Financial