TLP:WHITE | 13 IOCs
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Indicators of Compromise