PULSE NAME
Warning Against Phishing Emails Prompting Execution of Commands via Paste
WHITE AlienVault 2024-06-06 Modified: 2024-06-06
27 IOCs, MEDIUM VOLUME
This report details a phishing campaign distributing malicious HTML files through emails. The files prompt users to paste and run malicious PowerShell commands that initiate a multi-stage infection process. The campaign ultimately delivers the DarkGate malware, highlighting the importance of exercising caution with files from unknown sources.
Indicators of Compromise (9 / 27 total)