← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
MalwareBazaar | Browse Checking your browser
WHITE chiendn2k1@ 2024-07-16 Modified: 2024-08-15
18
IOCs
MEDIUM VOLUME
A sample of Origin Logger, a variant of Agent tesla, has been sent to the BBC by a member of the public and is being used to spread the malware through the internet.
malwarebazaarbrowse checkingbrowse uploadhunting apiexportlogincheckingpleaseverificationjavascriptfilexoredpcap fileloggeragent teslainfectionemailpdf iconiso filedetecteasycoreehlo
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
EHLO
Indicators of Compromise (18)
All FileHash-SHA256 URL domain email hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 3883d374ba0736254a89e310b86f3c3769adcaed471b103b5c0a8a2f16cf5c8d 2024-07-16
FileHash-SHA256 5016ba92afac1c2b2a2a6b17a09406869bd6f58cfe680f25030af1a1ba1c29a2 2024-07-16
FileHash-SHA256 90d977ca0a3331d78005912d2b191d26e33fa2c6ef17602d6173164ba83fd85e 2024-07-16
FileHash-SHA256 926a3142270a52f8afb93490d5dd21f0ca23bc0815ee6630068cf6409d8ee448 2024-07-16
URL http://savory.com.bd/sav/Ztvfo.png 2024-07-16
domain 1users.com 2024-07-16
domain savory.com.bd 2024-07-16
domain sers.com 2024-07-16
domain windows11users.com 2024-07-16
email admin@windows11users.com 2024-07-16
email marketing@transgear.in 2024-07-16
email min@windows11users.com 2024-07-16
email zaritkt@arhitektondizajn.com 2024-07-16
hostname 220-bh-41.webhostbox.net 2024-07-16
hostname 250-bh-41.webhostbox.net 2024-07-16
hostname bh-41.webhostbox.net 2024-07-16
hostname mail.windows11users.com 2024-07-16
hostname webmail.windows11users.com 2024-07-16
References (1)
↗ https://d01a.github.io/originlogger/