SocGholish is an attack framework that threat actors have been using since at least 2020. The term "Soc" refers to the use of social engineering to deploy malware on systems.
Indicators of Compromise
Domains
- teleray.com
URLs
MD5
- c33980cfce6e278f0c2740f7ab24516e
- e868e98485d4a892c527e74f44a4bb17