2020-07-10 MA-790.072020 MyCERT Alert - SMSSpy using Malaysian Law Enforecement as theme| Threat Intelligence Malaysia

📃Title: MA-790.072020: MyCERT Alert - SMSSpy using Malaysian Law Enforecement as theme
📅Date: 2020-07-10
🔗References:

https://mycert.org.my/portal/advisory?id=MA-790.072020

🔖Rectifyq Taxonomies:

relevancy: 🔴 Highly Relevant
category: ⚔Threat
sub-category: intrusion-analysis
target: targeted
MY-relevancy: relevant

🔖MISP Galaxies:

target-information=“Malaysia”
sector=“Police - Law enforcement”
f3b46834-6ce9-44ef-852d-d7ac61a12920=“00afde8d-6de3-46b1-9f35-e98fc8c1ee07”
producer 4a61b42d-e3f0-4964-9d88-4aa96e24c31d
mitre-attack-pattern=[‘T1433’, ‘T1432’, ‘T1413’, ‘T1437’, ‘T1429’, ‘T1402’, ‘T1412’, ‘T1448’, ‘T1414’, ‘T1476’, ‘T1401’, ‘T1482’, ‘T1407’, ‘T1523’, ‘T1438’, ‘T1449’, ‘T1450’, ‘T1420’, ‘T1411’, ‘T1430’, ‘T1507’, ‘T1468’, ‘T1409’, ‘T1426’, ‘T1422’, ‘T1421’]

MISP event uuid: 67ecc7f8-bc10-4329-b975-097c929fd5f9

Indicator of Compromise (IoCs)

type,value,comment
url, http://app.0189110.com/, ''
url, http://vip.0109101.com:2052/WebMobileD1, ''
url, http://vip.0109101.com:2052/webmobiled1/phoneajax/index.do, ''
url, http://vip.0109101.com/d2, ''
url, http://vip.0109101.com/d2/BANK.php, ''
hostname, app.0189110.com, ''
hostname, vip.0109101.com, ''
ip-dst, 104.31.92.196, ''
ip-dst, 104.18.37.4, ''

Full IOCs available in Rectifyq's MISP```

Rectifyq

Explorer

2020-07-10 MA-790.072020 MyCERT Alert - SMSSpy using Malaysian Law Enforecement as theme

Indicator of Compromise (IoCs)

Graph View