{ "7f54bc47-e9a1-458d-9a64-8adef51ca24d": { "event_id": 11237, "created_at": "2021-06-04T07:55:36.426043+00:00", "updated_at": "2021-06-04T07:55:36.450218+00:00", "name": "Campagna di Scam/Phishing a tema Bitcoin", "description": "", "subject": null, "tlp": "0", "campaign_type": "phishing", "method": "linked", "country": "italy", "file_type": [], "theme": "Investimenti", "malware": null, "phishing": "Email generic", "tag": [], "ioc_list": { "md5": [], "sha1": [], "sha256": [], "imphash": [], "domain": [], "url": [ "https://bit.ly/3wV1saG", "http://07n7n.workerhand.casa/apmix", "https://bit.ly/3fJlpLU", "http://qajcy.momentexplain.link/apmix", "https://bit.ly/3ceXmSU", "http://2f5o3.workerhand.link/apmix", "http://ry6ej.giveeconomy.work/apmix", "https://bit.ly/2TFBCcA", "http://8f5we.sundayreturn.link/apmix", "https://bit.ly/3phJU6a" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" }, "dc68b236-dbdc-4463-87c7-388276e42151": { "event_id": 11236, "created_at": "2021-06-04T07:51:24.485951+00:00", "updated_at": "2021-06-04T07:51:24.518905+00:00", "name": "Campagna di Scam/Phishing a tema Bitcoin", "description": "", "subject": null, "tlp": "0", "campaign_type": "phishing", "method": "linked", "country": "italy", "file_type": [], "theme": "Investimenti", "malware": null, "phishing": "Email generic", "tag": [], "ioc_list": { "md5": [], "sha1": [], "sha256": [], "imphash": [], "domain": [], "url": [ "https://bit.ly/34Gsmab", "https://bit.ly/34GAwj8", "http://51c3.increaseworker.link/apmix", "http://d07mw.momentexplain.world/apmix", "https://bit.ly/34JUE3G", "http://alssr.workerhand.link/apmix", "http://9n1ni.giveeconomy.link/apmix", "http://scfrr.workerhand.casa/apmix", "http://n94u0.sundayreturn.world/apmix", "https://bit.ly/3z1hfa3", "http://k91n0.giveeconomy.link/apmix", "https://bit.ly/34KZSMx", "https://bit.ly/3vQeXbD", "https://bit.ly/3fNFBwe" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" }, "ae70196d-583c-4073-af96-69f3f45bf31a": { "event_id": 11235, "created_at": "2021-06-04T07:47:47.985344+00:00", "updated_at": "2021-06-04T07:47:48.055525+00:00", "name": "Campagna di Scam/Phishing a tema Bitcoin", "description": "", "subject": null, "tlp": "0", "campaign_type": "phishing", "method": "linked", "country": "italy", "file_type": [], "theme": "Investimenti", "malware": null, "phishing": "Email generic", "tag": [], "ioc_list": { "md5": [], "sha1": [], "sha256": [], "imphash": [], "domain": [], "url": [ "https://bit.ly/3g8ZFbA", "http://sczj.sectorfriend.link/apmix", "https://bit.ly/2Tv7GQc", "https://bit.ly/3uJ4e1o", "http://n60b.termcupboard.link/apmix", "https://bit.ly/3vIiFnH", "http://s3x1.confirmplace.link/apmix", "https://bit.ly/3yYJ1Ui", "http://ojyy7.sundayreturn.world/apmix", "https://bit.ly/2SRgXC2", "http://js0n.flyhead.world/apmix", "http://j4o8f.giveeconomy.work/apmix", "https://bit.ly/3vIZVod", "http://z7fc9.momentexplain.link/apmix", "http://e7cu1.workerhand.world/apmix", "http://9lc8.increaseworker.world/apmix", "http://a2m8.termcupboard.link/apmix" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" }, "c971e009-f720-4bb1-944c-54cf042ba4bb": { "event_id": 11234, "created_at": "2021-06-04T07:42:21.830686+00:00", "updated_at": "2021-06-04T07:42:21.883726+00:00", "name": "Campagna di Scam/Phishing a tema Bitcoin", "description": "", "subject": null, "tlp": "0", "campaign_type": "phishing", "method": "linked", "country": "italy", "file_type": [], "theme": "Investimenti", "malware": null, "phishing": "Email generic", "tag": [], "ioc_list": { "md5": [], "sha1": [], "sha256": [], "imphash": [], "domain": [], "url": [ "https://bit.ly/2QNy3ju", "https://bit.ly/3ceXmSU", "http://ctq07.moneyfat.link/apmix", "http://2f5o3.workerhand.link/apmix", "http://ry6ej.giveeconomy.work/apmix", "https://bit.ly/3uOAjom", "https://bit.ly/2TFBCcA", "http://76rmj.giveeconomy.work/apmix", "http://6xaam.sundayreturn.casa/apmix", "http://8f5we.sundayreturn.link/apmix", "https://bit.ly/3phJU6a", "https://bit.ly/2SRqPLV" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" }, "427b5b88-64c4-4cdf-be1d-63bfbe6fc794": { "event_id": 11233, "created_at": "2021-06-04T07:33:51.587239+00:00", "updated_at": "2021-06-04T07:33:51.627027+00:00", "name": "Campagna di Scam/Phishing a tema Bitcoin", "description": "", "subject": null, "tlp": "0", "campaign_type": "phishing", "method": "linked", "country": "italy", "file_type": [], "theme": "Investimenti", "malware": null, "phishing": "Email generic", "tag": [], "ioc_list": { "md5": [], "sha1": [], "sha256": [], "imphash": [], "domain": [], "url": [ "http://5kb5.commitrecord.world/apmix", "http://b1jfr.momentexplain.casa/apmix", "https://bit.ly/3uRcE6S", "https://bit.ly/3fKy4hT", "https://bit.ly/3vEw1kR", "http://sbn6.increaseworker.link/apmix", "https://bit.ly/2SQjPie", "http://nvjc.commitrecord.link/apmix" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" }, "8b16464c-f1d5-494b-b255-187a090b915d": { "event_id": 11231, "created_at": "2021-06-03T17:09:29.084941+00:00", "updated_at": "2021-06-03T17:13:49.869044+00:00", "name": "Campagna di Scam/Phishing a tema Bitcoin", "description": "La mail contiene short url bit.ly che esegue redirect su landing page su dominio vip.gewinncodesystem.shownew.work. Questa attraverso tecniche di social engineering e deep fake induce le vittime a inserire i dati di pagamento su una phishing page (dominio xpayz.net).", "subject": null, "tlp": "0", "campaign_type": "phishing", "method": "linked", "country": "italy", "file_type": [], "theme": "Investimenti", "malware": null, "phishing": "Email generic", "tag": [], "ioc_list": { "md5": [], "sha1": [], "sha256": [], "imphash": [], "domain": [], "url": [ "http://vip.gewinncodesystem.shownew.work/vip/IT/3982/", "http://url3276.platinex.co", "https://xpayz.net/payment/6a355a35-f612-487b-939c-5c07d1866b7e", "http://sbn6.increaseworker.link/apmix", "https://bit.ly/2SQjPie", "https://client.platinex.co/finance" ], "ipv4": [], "email": [] }, "email_victim": [], "ioca_version": "1.0", "organization": "cert-agid" } }