2025-10-14 MA-1400.102025 MyCERT Alert - Email with Malicious Attachment Targeting Internet Banking Users| Threat Intelligence Malaysia

📃Title: MA-1400.102025: MyCERT Alert - Email with Malicious Attachment Targeting Internet Banking Users
📅Date: 2025-10-14
🔗References:

https://www.mycert.org.my/portal/advisory?id=MA-1400.102025

🔖Rectifyq Taxonomies:

relevancy: 🔴 Highly Relevant
category: ⚔Threat
sub-category: campaign-analysis
target: broad-based
MY-relevancy: relevant

🔖MISP Galaxies:

target-information=“Malaysia”
malpedia=“404 Keylogger”
producer 4a61b42d-e3f0-4964-9d88-4aa96e24c31d
mitre-attack-pattern=[]

MISP event uuid: 36847759-be6f-4ac7-865d-08c43d89f73a

Indicator of Compromise (IoCs)

type,value,comment
sha256, 85c44fa7dc272a30fe82205119c71604224677380b26271bb0d4d82565b4c6d6, 'No sample in VT\r\nLast check:04/12/2025'
url, https://api.telegram.org/bot/sendMessage?chat_id=&text=, ''
url, http://51.38.247.67:8081/_send_.php?L, ''
url, https://reallyfreegeoip.org/xml/, ''
url, http://checkup.dyndns.org/, ''
hostname, mail.derelimatbaa.com, ''
email-src, info@derelimatbaa.com, ''

Full IOCs available in Rectifyq's MISP```

Rectifyq

Explorer

2025-10-14 MA-1400.102025 MyCERT Alert - Email with Malicious Attachment Targeting Internet Banking Users

Indicator of Compromise (IoCs)

Graph View