← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
New Behavior for LandUpdate808 Observed - Malasada Tech
WHITE malasada.tech 2024-10-15 Modified: 2024-11-14
12
IOCs
MEDIUM VOLUME
Observed in research that the domains/URLs are serving LandUpdate808 delivery payloads. These were not observed from any compromised sites. Review the reference for more info.
LandUpdate808
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
LandUpdate808
Indicators of Compromise (12)
All domain hostname URL
TYPEINDICATORDESCRIPTIONCREATED
domain howmanychairs.com 2024-10-15
domain pemalite.com 2024-10-15
domain piedsmontlaw.com 2024-10-15
domain pushcg.com 2024-10-15
hostname vpn289280989.v4.softether.net 2024-10-15
URL https://pushcg.com/web-analyzer.js 2024-10-15
URL https://pemalite.com/web-analyzer.js 2024-10-15
URL https://piedsmontlaw.com/web-analyzer.js 2024-10-15
URL https://howmanychairs.com/web-analyzer.js 2024-10-15
URL https://vpn289280989.v4.softether.net/web-analyzer.js 2024-10-15
domain mercro.com 2024-11-03
URL https://mercro.com/web-metrics.js 2024-11-03
References (1)
↗ https://malasada.tech/new-behavior-for-landupdate808-observed/