ET PHISHING Observed Possible Phishing Landing Page 2021-06-24

SID: 2033187Rev: 11 views
History
Sourceet/open
CreatedJune 25, 2021
UpdatedJune 25, 2021
Classificationsocial-engineering
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING Observed Possible Phishing Landing Page 2021-06-24"; flow:established,to_client; file.data; content:"<title>Red Link - BANCO DE LA NACION ARGENTINA</title>"; fast_pattern; content:"enctype|3d 22|multipart|2f|form|2d|data|22 20|"; distance:0; content:"id|3d 22|UserNameVerificationForm|22|"; distance:0; content:"name|3d 22|UserNameVerificationForm|22|"; distance:0; content:"method|3d 22|post|22|"; distance:0; content:"action|3d 22|doLoginFirstStep.htm|22 3e|"; distance:0; reference:url,app.any.run/tasks/7ff1092c-4c9e-4915-933a-1f568b5ba83d; classtype:social-engineering; sid:2033187; rev:1; metadata:attack_target Client_Endpoint, created_at 2021_06_25, deployment Perimeter, confidence Medium, signature_severity Critical, tag Phishing, updated_at 2021_06_25, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1566, mitre_technique_name Phishing;)

References

urlapp.any.run/tasks/7ff1092c-4c9e-4915-933a-1f568b5ba83d

Metadata

attack targetClient_Endpoint
created at2021_06_25
deploymentPerimeter
confidenceMedium
signature severityCritical
tagPhishing
updated at2021_06_25
mitre tactic idTA0001
mitre tactic nameInitial_Access
mitre technique idT1566
mitre technique namePhishing

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!