Pulse Detail — Threat Intelligence

PULSE NAME

Thousands of Sites with Popup Builder Compromised by Balada Injector

WHITE Balada Tr1sa111 2024-01-16 Modified: 2024-02-14

IOCs

MEDIUM VOLUME

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

MALWARE FAMILIES

Balada JavaScript Popup Builder SiteCheck

Indicators of Compromise (5 / 44 total)

All URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://get.specialcraftbox.com/loc/gr.txt	—	2024-01-16
URL	https://get.specialcraftbox.com/loc/r.php?zd=	—	2024-01-16
URL	https://rest.greenfastline.com/vkRJGzsp	—	2024-01-16
URL	https://soft.specialcraftbox.com/JZFYbC	—	2024-01-16
URL	https://soft.specialcraftbox.com/KQGrXb?c=	—	2024-01-16

References (1)