2022-09-16 MA-862.092022 MyCERT Alert - MyPetronas Malicious Application| Threat Intelligence Malaysia

📃Title: MA-862.092022: MyCERT Alert - MyPetronas Malicious Application
📅Date: 2022-09-16
🔗References:

https://www.mycert.org.my/portal/details?menu=431fab9c-d24c-4a27-ba93-e92edafdefa5&id=90f925b0-f996-42b2-b0a3-64d994199792

🔖Rectifyq Taxonomies:

relevancy: 🔴 Highly Relevant
category: ⚔Threat
target: targeted
MY-relevancy: relevant

🔖MISP Galaxies:

target-information=“Malaysia”
f3b46834-6ce9-44ef-852d-d7ac61a12920=“f8334ef2-9d35-48de-aa5e-bcdcd4c4d714”
producer 4a61b42d-e3f0-4964-9d88-4aa96e24c31d
mitre-attack-pattern=[]

MISP event uuid: 857353ab-d28e-4b35-8dbd-7fde005ec133

Indicator of Compromise (IoCs)

type,value,comment
url, https://pt-gift.store, 'Landing page URL'
url, https://petronas-gift.store, 'Landing page URL'
url, https://myworkshop.store, 'Landing page URL'
url, https://lapks.online/skyblue_888a/api/api.php?post_order, 'C&C URL'
url, https://gpost996.online/post.php, 'C&C URL'
url, https://sgbx.online?pass=app168&cmd=sms&sid=%1$s&sms=%2$s, 'C&C URL'

Full IOCs available in Rectifyq's MISP```

Rectifyq

Explorer

2022-09-16 MA-862.092022 MyCERT Alert - MyPetronas Malicious Application

Indicator of Compromise (IoCs)

Graph View