IoC Extractor

This IoC extractor identifies Indicators of Compromise (IoCs) by matching patterns, without analyzing the context of the surrounding text. Manual Review and Validation of the extracted IoCs are essential before any action is used.

“Double Threat: Latrodectus and ACR Stealer Distributing Through Google Authenticator Phishing Site”

DATE : 2024-08-08T19:27:27
SOURCE : cyble.com

CVE:
cve-2024-21412

FILE_HASH_SHA256:
532c9bc2e30150bef61a050386509dd5f3c152688898f6be616393f10b9262d3
62536e1486be7e31df6c111ed96777b9e3f2a912a2d7111253ae6a5519e71830
81bc69a33b33949809d630e4fa5cdb89d8c60cf0783f447680c3677cae7bb9bb

Domain:
webipanalyzer.com
geotravelsgi.xyz
spikeliftall.com
godfaetret.com
malwarebytes.com
googleaauthenticator.com
medium.com
elastic.co

Url:
https://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticatorhttps://medium.com/walmartglobaltech/icedid-gets-loaded-af073b7b6d39https://www.proofpoint.com/us/blog/threat-insight/latrodectus-spider-bytes-icehttps://www.elastic.co/security-labs/spring-cleaning-with-latrodectushttps://www.fortinet.com/blog/threat-research/exploiting-cve-2024-21412-stealer-campaign-unleashed