Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

blackangel.dev #73572

Open
g0d33p3rsec opened this issue Feb 1, 2025 · 0 comments
Open

blackangel.dev #73572

g0d33p3rsec opened this issue Feb 1, 2025 · 0 comments
Labels
Malicious Domains used for Malicious software Phishing Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw

Comments

@g0d33p3rsec
Copy link
Collaborator

Comments

Domain is hosting stealc malware on multiple domains. See also: Phishing-Database/phishing#735

Wildcard domain records

blackangel.dev|malicious,phishing

Sub-Domain records

Hosts (RFC:952) specific records, not used by DNS RPZ firewalls

Safe Search records

Screenshots

Screenshot, click to expand

image
image
image
077c9629-72f8-474b-a439-06c6740625f1

Links to external sources

https://blackangel.dev/login.php
https://blackangel.dev/encrypthub/stealc/stealc.exe

https://app.any.run/tasks/9988ea8f-883f-432d-9b34-210b6072b50b
https://www.virustotal.com/gui/file/7914fb76e64e6766ca024f023a2ea009ddce2c41d35582bdd68e1a4197cdda48/details

Name servers

ns1.1domainregistry.com.
ns3.1domainregistry.com.
ns4.1domainregistry.com.
ns2.1domainregistry.com.

logs from uBlock Origin

null
@g0d33p3rsec g0d33p3rsec added Malicious Domains used for Malicious software Phishing Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw labels Feb 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Malicious Domains used for Malicious software Phishing Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@g0d33p3rsec