Generic Email ec34bc68

A generic email phishing kit loading CSS from an appspot project using a hard-coded access token.

References

Recent Detections

  • hxxps://u14511627[.]ct[.]sendgrid[.]net/ls/click?upn=oGQNUT-2FE-...
  • hxxps://storageapi[.]fleek[.]co/68630c1b-8de9-4c37-9b02-a399843f...
  • hxxp://2008cupqsvid2nts479gha8bpdv63id59acm3pasb0avmod0um9qgj8[....
  • hxxp://2001tid7rdhlne5e3752npot4vbs4ri2bv2c3qt4ieu23qjirkc49s8[....
  • hxxps://storageapi[.]fleek[.]co/68630c1b-8de9-4c37-9b02-a399843f...
  • hxxps://storageapi[.]fleek[.]co/68630c1b-8de9-4c37-9b02-a399843f...
  • hxxps://storageapi[.]fleek[.]co/68630c1b-8de9-4c37-9b02-a399843f...
  • hxxp://20022d6pp86a50gq1a16rtmtspe9lrqmod1souljn6gb8q5djad4kqo[....
  • hxxp://storage[.]googleapis[.]com/anjumaa0059.appspot.com/indsad...
  • hxxps://2009d2ho522il5iaa9amua41bkgd63r74u1krmuoeo4j269vs6h0dkg[...

IOK Rule (edit)

title: Generic Email ec34bc68
description: |
  A generic email phishing kit loading CSS from an appspot project using a hard-coded access token.
references:
  - https://urlscan.io/result/67743b55-f830-49e6-b71e-2fc71e4b8914/
detection:
  bootstrapToken:
    requests|contains: 'bootstrap.min.css?alt=media&token=ec34bc68-b721-48e5-a02a-8deed9a44325'

  condition: bootstrapToken