📃Title: MA-640.102016: MyCERT Alert - Phishing Emails Targeting Bank Negara Malaysia (BNM)
📅Date: 2016-10-14
🔗References:

🔖Rectifyq Taxonomies:

🔖MISP Galaxies:

  • target-information="Malaysia"
  • sector="Bank"
  • f3b46834-6ce9-44ef-852d-d7ac61a12920="82a4a09c-ca5b-4dd1-b194-df3e65f93fa3"
  • producer 4a61b42d-e3f0-4964-9d88-4aa96e24c31d
  • mitre-attack-pattern=['T1192', 'T1566.002', 'T1583.001']

MISP event uuid: 96f7a456-317e-4efc-8874-0ff5c0bce9f6

Indicators of Compromise (IoCs)


Full IOCs available in Rectifyq's MISP