Detects a phishing kit developed by a threat actor under the alias of 'm3dular'.
title: m3dular Phishing Kit ea8f67e
description: |
Detects a phishing kit developed by
a threat actor under the alias of 'm3dular'.
references:
- https://urlscan.io/result/ea8f67e9-d22b-4f14-b8f8-7f44a019100d
- https://urlscan.io/result/4d5df981-e768-4acf-a925-8395fdc73cc4
- https://twitter.com/JCyberSec_/status/1575054303873486848
detection:
kitStructure:
requests|contains|all:
- 'm3d.js' # antivm script
- 'm3cache' # asset cache folder
- 'mx.png' #
condition: kitStructure
tags:
- kit
- threat_actor.m3dular