{ "cc78e18a-d5fd-470d-86b6-aa42e0727b74": { "event_id": 10964, "created_at": "2021-04-14T10:15:22.631917+00:00", "updated_at": "2021-04-14T10:15:23.960037+00:00", "name": "Campagna Flubot via SMS download APK", "description": "", "subject": "Il tuo pacco sta arrivando seguilo qui", "tlp": "0", "campaign_type": "malware", "method": "linked", "country": "italy", "file_type": [], "theme": "Delivery", "malware": "Flubot", "phishing": null, "tag": [], "ioc_list": { "md5": [ "5db31f359192e14dd8c20a5ad77588f1", "5ec2b13055a307bdd59729cc218fdd8c", "b56d5c5960933a2027eda6cb8988252b" ], "sha1": [ "18f3c1449f1141ad43a4b624d8357a25b49da6ed", "d5e8a0a1049b4eb61c6a92bc9a3f8d7709927a70", "82ed33e1ae89c6c790728062f1e7e019af9f932f" ], "sha256": [ "4e1b03e194d1dc8ac79965992ef320f178be427f058e2295af01bb60eacb7909", "78dc592ba0ebd114fb066e04be7c448047c9302dc70ad5a35f3e5bd7871fc72b", "cf21a3670e022fea3b9124cb73a0e0023c5d4eb2b1e2380b1de993be4bc5d310" ], "imphash": [], "domain": [ "qoisocrldvnesni.ru", "bdvwidxfiextwof.ru", "njwhuclqpvvwhwg.ru" ], "url": [ "https://eriksdigital.co.il/pkge/", "https://laus.club/track/", "https://dashcards.com/pkge/", "https://www.miamiluxuryvacationrentals.com/pkg/", "https://sspbluebox.com/pkg/", "https://sitedaclimb.com.br/pkg/", "https://avanart.by/pkge/", "https://ourcheapstore.in/track/", "https://nasutki.click/pkge/", "https://partesyaccesorios.com.co/trck/", "https://sodocasino.com/pkg/", "https://mostootriad58.by/pkge/", "https://thietbisukiengiare.vn/pkge/", "https://www.slaapschool.com/pkge/", "https://www.fixmydeal.in/trck/", "https://jiukewang.com/track/", "https://clarionindiaventures.in/trck/", "https://www.thinkcreatecontent.com/t/", "https://dhamen-group.com/pkg/", "https://yadaksiklet.ir/track/", "https://sodocasino.net/pkg/", "https://service-fibre.fr/track/", "https://www.noithatamigo.com/track/", "https://swaddleblanket.co.uk/track/", "https://www.814.net.cn/pkg/", "https://risarcimentodaresponsabilita.it/trck/", "https://www.amazingseniors.my/pkg/", "https://sodovip88.com/pkg/", "https://www.yuanbiguo.com/pkg/", "https://www.amitay.co.il/pkge/", "https://sismonev.imanijatim.org/track/", "https://www.implementadigital.com.br/pkg/", "https://nicolyn.art/pkg/", "https://shopbakula.in/track/", "https://burgerbolong.tepo.my.id/track/", "https://bs015.rs/pkge/", "https://amensagemdedeus.com/trck/", "https://game7373.com/pkg/", "https://urbancare.tech/pkge/", "https://www.a1tuning.ru/trck/", "https://mail.rciptv.com.br/pkge/", "https://genesis.mu/trck/", "https://tringotv.com/pkg/", "https://tbwysx.cn/pkge/", "https://redprocesal.org/pkg/", "https://sodocasino.info/pkg/", "https://guideofantalya.com/track/", "https://buvago.my/trck/", "https://mercertrans.com/pkg/", "https://tour.place2b.com/pkge/", "https://www.valinus.ir/pkge/", "https://www.sugarsmooth.nl/pkg/", "https://onlinern.com.br/trck/", "https://jmacsmedia.com/pkge/", "https://konfirmasi.zakato.org/pkg/", "https://arkkam.com.tr/track/", "https://anggota.imoneyq.com/trck/", "https://zhshang.top/trck/", "https://www.magicmirrorai.com/track/", "https://webkikstarter.com/pkge/", "https://thevicz.com/trck/", "https://thandiphotography.com/trck/", "https://portfolio.netslider.fr/trck/", "https://sodocasino.in/pkge/", "https://jiu.bgt666.com/pkge/", "https://www.onlinesteroidsatis.com/trck/", "https://muniaa.ga/pkg/", "https://crypto-cloud.live/pkg/", "https://www.planetdisinfect.com/pkg/", "https://infinitehumanscx.com/pkg/", "https://pikasho.com/trck/", "https://iyouthleague.org/trck/", "https://easymatchprediction.com/track/", "https://questreams.com/trck/", "https://safwetalex.com/pkge/", "https://www.trustu.cn/pkg/", "https://fairycandy.love/pkg/", "https://negroniapplications.com/trck/", "https://suspro.vn/pkg/", "https://3seconds.co.kr/track/", "https://rbym.cc/pkge/", "https://www.impresario.co.in/trck/", "https://www.jxtcbz.cn/track/", "https://dentallearning.net/track/", "https://yishuhuoban.com/trck/", "https://adrianomedeiros.med.br/pkge/", "https://pelouseetdeneigementcaron.com/pkge/", "https://tomorrow-channel.com/track/", "https://www.fixmydeal.in/pkge/", "https://api.bayarsini.id/trck/", "https://www.xiaokbk.com/pkge/", "https://c96kart.co.in/pkg/", "https://bocahmlaku.com/track/", "https://chengtouji.com/pkg/", "https://ruanjianshi.cn/trck/", "https://blog.julianvilche.com/track/", "https://grotifortepijonu.lt/pkg/", "https://beautypoint.mk/track/", "https://www.googpo.com/pkg/", "https://ankhflora.com/pkg/", "https://maalhosonline.com/track/", "https://abris-spa.info/pkg/", "https://easymatchprediction.com/trck/", "https://mounter.io/pkg/", "https://tensideias.com/pkge/", "https://drswekshadermatology.com/pkge/", "https://goldingenarezidence.lv/trck/", "https://kimkorean.unestgroup.com/pkg/", "https://woodgrav.fr/trck/", "https://optiboard.de/pkg/", "https://ivylaneestate.ca/pkge/", "https://gloriousbrideofchrist.org/pkge/", "https://thenewsadvocate.com/pkg/", "https://okaybaby.ie/trck/", "https://noibaivilinh.com/trck/", "https://www.hcfairpods.com/track/", "https://fluechtlingshilfe.hoerstel.de/track/", "https://hahvn.com/pkg/", "https://bumbumdefinido.online/pkg/", "https://soawr-test.org/pkge/", "https://www.dicastec.tech/trck/", "https://maec.adv.br/track/", "https://habitatisolation.fr/pkge/", "https://laloorna.com/pkge/?1sbk89jvbma3", "https://odev.eminekoka.com/pkge/", "https://maphandbook.com/pkg/", "https://www.ong-fea.org/pkg/", "https://fortsaude.com.br/pkge/", "https://stevestudio.top/pkge/", "https://jliptv.com.br/track/", "https://www.barkoturk.com/trck/", "https://dxplorercakes.com.ng/track/", "https://therakshinproject.org/pkge/", "https://www.aktien-mentor.de/pkge/", "https://caramelpleven.eu/trck/", "https://marketpreneurs-group25.brainster.xyz/trck/", "https://www.chaoqi.shop/pkg/", "https://mensagensdabiblia.com.br/pkge/", "https://quickbrain.ml/track/", "https://simiwa.skpjatim.org/pkg/", "https://www.fourleafsocial.com/track/", "https://naomiterner.com/pkge/", "https://abbysfabricsandaccessories.com/pkg/", "https://sos-lock.net/track/", "https://rafalhryniewicki.pl/pkg/", "https://multiplaprotecao.com/pkg/", "https://vidasanar.com/pkg/", "https://healthheartlife.co.uk/pkge/", "https://www.tennis-utzenaich.at/pkg/", "https://saltandwater.de/track/", "https://datcomn.com/track/", "https://naturalbionics.eu/trck/", "https://test.propackwp.com/trck/", "https://iglesiacristianasoldejusticia.org.co/pkge/", "https://rsfsr-tomsk.su/pkg/", "https://hiyang.com.tw/trck/", "https://tbwysx.cn/trck/", "https://deluxeprizes.co.uk/pkge/", "http://birizmir.com.tr/track/", "https://supply-amazon.com/track/", "https://test.sanbornmarketing.co/pkge/", "https://www.abris-spa.net/pkge/", "https://oguzdoganay.com/pkge/", "https://laloorna.com/pkge/", "https://sttarastamar-ngabang.ac.id/track/", "https://meupiano.com.br/pkge/", "https://www.nkljubljana.si/pkge/", "https://www.interieurarchitect-maasdam.nl/pkge/", "https://www.parroquialalaguna.com/track/", "https://wusleylk.com/trck/", "http://www.wikalp.in/pkg/", "https://subtletg.com/pkge/", "https://isakseries.com/track/", "https://drivewords.com/pkge/", "https://www.yafa-coach.co.il/pkg/", "https://omdebar.ir/trck/", "http://oguiasecreto.com/track/", "https://www.tajabarta.com/pkge/" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }