TLP:WHITE5 IOCs
Ghostwriter Phishing Infrastructure Targets Gmail and Ukrainian Email Portal Users
Threat Actors
Diamond Model
Adversary(1)
Infrastructure(3)
Capability
Victim
5W+H Threat Analysis
Analysis unavailable
Indicators of Compromise
Indicators of Compromise5
| Type | Indicator | Confidence | Score | First Seen |
|---|---|---|---|---|
| SHA256 | 2434e1a88cf2effa13fc4eb335560e3cf49790ddd4bd0df7e100de9867a19748 file-hashindicatorintel-blog | Medium | 53 | Jun 29, 26 |
| Domain | accounts-verification.cc.cd indicatorintel-blognetwork | High | 58 | Jun 29, 26 |
| Domain | mail.service-support.digital indicatorintel-blognetwork | High | 58 | Jun 29, 26 |
| SHA256 | 6542f8fa3e1f00a3c0e9994c34d8b49d2c3d2684cf73c23a0b1030daaaaa4786 file-hashindicatorintel-blog | Medium | 53 | Jun 29, 26 |
| IP | 45.197.133.104 indicatorintel-blognetwork | High | 58 | Jun 29, 26 |
IOC Relationship Graph
IOC Relationship Graph5 total IOCs
SHA256DomainIP