ID RST:3A241218-8CAC-3611-B0D4-024C70DE81B4 Type rst Reporter RST Threat Feed Modified 2020-09-30T00:00:00
Description
Found dzhkjffsd[.]zstqkdub.best/pc/index.php?openid.pape.max_auth_age=0&openid.return_to=www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&openid.ns=specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinwww.smbc.co.jp in RST Threat Feed with score 10.
First seen: 2020-09-30T03:00:00, Last seen: 2020-09-30T03:00:00.
IOC tags: phishing.
It was found that the IOC is used by: cve-2010-5107, cve-2017-15906, cve-2011-5000, cve-2011-4327, cve-2014-1692, cve-2012-0814, cve-2010-4755, cve-2016-10708, cve-2016-0777, cve-2010-4478.
IOC could be a False Positive (Resource unavailable).
https://rstcloud.net/
{"id": "RST:3A241218-8CAC-3611-B0D4-024C70DE81B4", "bulletinFamily": "ioc", "title": "RST Threat feed. IOC: dzhkjffsd.zstqkdub.best/pc/index.php?openid.pape.max_auth_age=0&openid.return_to=www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&openid.ns=specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinwww.smbc.co.jp", "description": "Found **dzhkjffsd[.]zstqkdub.best/pc/index.php?openid.pape.max_auth_age=0&openid.return_to=www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&openid.ns=specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinwww.smbc.co.jp** in [RST Threat Feed](https://rstcloud.net/profeed) with score **10**.\n First seen: 2020-09-30T03:00:00, Last seen: 2020-09-30T03:00:00.\n IOC tags: **phishing**.\nIt was found that the IOC is used by: **cve-2010-5107, cve-2017-15906, cve-2011-5000, cve-2011-4327, cve-2014-1692, cve-2012-0814, cve-2010-4755, cve-2016-10708, cve-2016-0777, cve-2010-4478**.\nIOC could be a **False Positive** (Resource unavailable).\n[https://rstcloud.net/](https://rstcloud.net/)", "published": "2020-09-30T00:00:00", "modified": "2020-09-30T00:00:00", "cvss": {}, "href": "", "reporter": "RST Threat Feed", "references": [], "cvelist": [], "type": "rst", "lastseen": "2020-09-30T00:00:00", "edition": 1, "viewCount": 0, "enchantments": {"vulnersScore": "PENDING"}, "iocType": "url", "ip": [], "domain": ["dzhkjffsd.zstqkdub.best"], "url": ["dzhkjffsd.zstqkdub.best/pc/index.php?openid.pape.max_auth_age=0&openid.return_to=www.smbc.co.jp/?ref_=nav_em_hd_re_signin&openid.identity=specs.openid.net/auth/2.0/identifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&key=a@b.c&openid.claimed_id=specs.openid.net/auth/2.0/identifier_select&openid.ns=specs.openid.net/auth/2.0&&ref_=nav_em_hd_clc_signinwww.smbc.co.jp"], "iocScore": {"ioc_frequency": 1.0, "ioc_src": 73.06, "ioc_tags": 0.86, "ioc_total": 10.0}, "tags": ["phishing"], "fp": {"alarm": "true", "descr": "Resource unavailable"}, "whois": {}, "geodata": {}, "asn": {}}
