TLP:WHITE33 IOCs

Iranian backed group steps up phishing campaigns against Israel, U.S.

Botvrij.eu OSINT Feed

Published August 19, 2024Original Report

Diamond Model

Adversary

Infrastructure(6)

Capability

Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise33

Type	Indicator	Confidence	Score	First Seen
Domain	share-box-5f395.appspot.com indicatornetwork	High	68	Jun 2, 26
URL	https://smaaaal.cfd/Wp59tqKU networkphishingurl	High	68	Jun 2, 26
URL	https://click-choose-figured.cfd/Gallery/Password networkphishingurl	High	68	Jun 2, 26
SHA256	89c1d1b61d7f863f8a651726e29f2ae3de7958f36b49a756069021817947d06c file-hashloadermalware	High	68	Jun 2, 26
URL	https://check-pabnel-status.live/Gcollection/Password networkphishingurl	High	68	Jun 2, 26
URL	https://check-pabnel-status.live/Lcollection/Password networkphishingurl	High	68	Jun 2, 26
URL	https://check-pabnel-status.live/Gcollection/Ref/CkliPwaM networkphishingurl	High	68	Jun 2, 26
URL	https://s3api.shop/api/ loadermalwarenetwork	High	68	Jun 2, 26
URL	https://panel-short-check.live/ZZqt3LYD networkphishingurl	High	68	Jun 2, 26
URL	https://panel-short-check.live/PhyfkFQX networkphishingurl	High	68	Jun 2, 26
URL	https://checking-paneling.live/aliasauthG/autoref/vNSX6c2m networkphishingurl	High	68	Jun 2, 26
IP	91.107.150.184 loadermalwarenetwork	High	68	Jun 2, 26
SHA256	4ac088bf25d153ec2b9402377695b15a28019dc8087d98bd34e10fed3424125f file-hashloadermalware	High	68	Jun 2, 26
Domain	brookings.email networkphishing	High	68	Jun 2, 26
SHA256	c3486133783379e13ed37c45dc6645cbee4c1c6e62e7988722931eef99c8eaf3 file-hashloadermalware	High	68	Jun 2, 26
IP	49.13.194.118 loadermalwarenetwork	High	68	Jun 2, 26
Domain	accredit-navigation.online networkphishing	High	68	Jun 2, 26
SHA256	82ae2eb470a5a16ca39ec84b387294eaa3ae82e5ada4b252470c1281e1f31c0a file-hashloadermalware	High	68	Jun 2, 26
SHA256	baac058ddfc96c8aea8c0057077505f0ad3ff20311d999886fed549924404849 file-hashloadermalware	High	68	Jun 2, 26
SHA256	33a61ff123713da26f45b399a9828e29ad25fbda7e8994c954d714375ef92156 file-hashloadermalware	High	68	Jun 2, 26
SHA256	0180f4f29c550aa1ffaa21af51711b29de99fb1d7c932d008a0e9356ae8a7d60 file-hashloadermalware	High	68	Jun 2, 26
URL	https://n9.cl/4xgro networkphishingurl	High	68	Jun 2, 26
URL	https://check-pabnel-status.live/Lcollection/Ref/F53OQQkE networkphishingurl	High	68	Jun 2, 26
URL	https://sharedrive.webredirect.org/Khn/shoaGzA/cGNt/dMPaV/kvvhK networkurl	High	68	Jun 2, 26
URL	https://meetroomonlin1925.w3spaces.com/ networkphishingurl	High	68	Jun 2, 26
URL	https://visioneditor.loseyourip.com loadermalwarenetwork	High	68	Jun 2, 26
URL	https://click-choose-figured.cfd/Gallery/Ref/FSaEM5gG networkphishingurl	High	68	Jun 2, 26
URL	https://short-ion-per.live/08EFNZ1 networkphishingurl	High	68	Jun 2, 26
Domain	understandingthewar.org networkphishing	High	68	Jun 2, 26
SHA256	f83e2b3be2e6db20806a4b9b216edc7508fa81ce60bf59436d53d3ae435b6060 file-hashloadermalware	High	68	Jun 2, 26
SHA256	bc2597ce09987022ff0498c6710a9b51a1a47ed8082ac044be2838b384157527 file-hashloadermalware	High	68	Jun 2, 26
SHA256	c67cd544a112cab1bb75b3c44df4caf2045ef0af51de9ece11261d6c504add32 file-hashloadermalware	High	68	Jun 2, 26
URL	https://checking-paneling.live/aliasauthG/Password networkphishingurl	High	68	Jun 2, 26

IOC Relationship Graph

IOC Relationship Graph33 total IOCs

DomainURLSHA256IP

scroll to zoom · drag to pan · click IOC to open