IOC Radar
TLP:WHITE · 8 IOCs

WEBBFUSCATOR Campaign New TTPS – Detection & Response

Security Investigation
Published September 1, 2022

Diamond Model

Axes: Social, Technology
Adversary: unknown
Infrastructure (6): updatesagent.com, http://www.xmlschemef…, http://www.xmlschemef…
Capability: unknown
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

8 indicators


IOC Relationship Graph

[Graph: 8 total IOCs (Domain 4, URL 2, IP 2) linked to the report "WEBBFUSCATOR Campaign New"]