Pulse Detail — Threat Intelligence

PULSE NAME

Ave Maria campaign targeting r/cybersecurity users on Reddit.

WHITE Tr1sa111 2023-10-18 Modified: 2023-11-04

IOCs

LOW VOLUME

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1189

MALWARE FAMILIES

Ave Maria

Indicators of Compromise (9)

All URL domain email hostname FileHash-SHA256

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://SuperGuy.camdvr.org:6000	—	2023-10-18
URL	https://www.freecryptorobot.com/Release/75K_EMAIL_USERPASS.rtf	—	2023-10-18
URL	https://www.freecryptorobot.com/Release/Cache.exe	—	2023-10-18
domain	avcheck.net	—	2023-10-18
email	bd@hta4lyfeohyea.duckdns.org	—	2023-10-18
hostname	hta4lyfeohyea.duckdns.org	—	2023-10-18
hostname	superguy.camdvr.org	—	2023-10-18
hostname	www.freecryptorobot.com	—	2023-10-18
FileHash-SHA256	89284a9cba85e7c58a4ff3ab95b1d74bec58d8ee5b0acd6014205a7596389815	—	2023-10-18

References (1)