{
  "Event": {
    "analysis": "1",
    "date": "2026-03-07",
    "extends_uuid": "",
    "info": "[Threat Intel][PhishHuntMY] How a Fake eWallet Aid Page Steals Your Telegram Account",
    "protected": false,
    "publish_timestamp": "1774021942",
    "published": true,
    "threat_level_id": "3",
    "timestamp": "1774012060",
    "uuid": "d5db54fc-c17c-41dd-bf0e-051090d68e97",
    "Orgc": {
      "name": "Rectifyq",
      "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4"
    },
    "Tag": [
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:target-information=\"Malaysia\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:clear",
        "relationship_type": ""
      },
      {
        "colour": "#004646",
        "local": false,
        "name": "type:OSINT",
        "relationship_type": ""
      },
      {
        "colour": "#49a260",
        "local": false,
        "name": "rectifyq:category=\"threat\"",
        "relationship_type": ""
      },
      {
        "colour": "#130049",
        "local": false,
        "name": "rectifyq:sub-category=\"campaign-analysis\"",
        "relationship_type": ""
      },
      {
        "colour": "#ffd12e",
        "local": false,
        "name": "rectifyq:target=\"broad-based\"",
        "relationship_type": ""
      },
      {
        "colour": "#dd2e44",
        "local": false,
        "name": "rectifyq:MY-relevancy=\"relevant\"",
        "relationship_type": ""
      },
      {
        "colour": "#8ed4a7",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Credentials from Web Browsers - T1555.003\"",
        "relationship_type": ""
      },
      {
        "colour": "#65d24c",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Gather Victim Identity Information - T1589\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Impersonation - T1656\"",
        "relationship_type": ""
      },
      {
        "colour": "#75ec20",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Masquerading - T1036\"",
        "relationship_type": ""
      },
      {
        "colour": "#e08bb2",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Obfuscated Files or Information - T1027\"",
        "relationship_type": ""
      },
      {
        "colour": "#a0d02a",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Phishing for Information - T1598\"",
        "relationship_type": ""
      },
      {
        "colour": "#c202a1",
        "local": false,
        "name": "misp-galaxy:mitre-attack-pattern=\"Spearphishing Link - T1566.002\"",
        "relationship_type": ""
      },
      {
        "colour": "#b94b1d",
        "local": false,
        "name": "rectifyq:mitre-att&ck=\"from-original-src\"",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:online-service=\"b0c71d51-34fd-47b5-9eb4-dd406ffc607f\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
        "relationship_type": ""
      },
      {
        "colour": "#626567",
        "local": false,
        "name": "rectifyq:no-samples-in=\"Tria.ge\"",
        "relationship_type": ""
      },
      {
        "colour": "#3800d9",
        "local": false,
        "name": "rectifyq:action-taken=\"VT-comment\"",
        "relationship_type": ""
      },
      {
        "colour": "#3d00e9",
        "local": false,
        "name": "rectifyq:action-taken=\"telegram\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "External analysis",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773628180",
        "to_ids": false,
        "type": "link",
        "uuid": "d2f1f5db-9abd-48e3-b3d3-76fd8053a555",
        "value": "https://badrulmunir.com/posts/fake-ewallet-my/"
      },
      {
        "category": "Payload delivery",
        "comment": "No sample in VT\r\nLast check: 17/03/2026\r\nNo sample in VT\r\nLast check: 20/03/2026",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1774012060",
        "to_ids": true,
        "type": "sha256",
        "uuid": "fd9b1ff4-44dd-47b8-9d0c-98f446460793",
        "value": "aea32c34b4c7f43766908856ff2ae7e5c1d75c290eb3b4ae37fb60b9a23c486f",
        "Tag": [
          {
            "colour": "#260091",
            "local": false,
            "name": "rectifyq:ioc=\"enriched\"",
            "relationship_type": ""
          },
          {
            "colour": "#626567",
            "local": false,
            "name": "rectifyq:no-samples-in=\"VirusTotal\"",
            "relationship_type": ""
          },
          {
            "colour": "#626567",
            "local": false,
            "name": "rectifyq:no-samples-in=\"MalwareBazaar\"",
            "relationship_type": ""
          },
          {
            "colour": "#626567",
            "local": false,
            "name": "rectifyq:no-samples-in=\"Tria.ge\"",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752789",
        "to_ids": true,
        "type": "url",
        "uuid": "3f873ad3-ec18-41a2-b40b-684920c3319c",
        "value": "https://bantuan-ewallet-tng-my65mo.ask88sx.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752811",
        "to_ids": true,
        "type": "url",
        "uuid": "586f87d6-7d32-44b8-8b7f-c4522f999819",
        "value": "https://bantuan-tng-ewallet-my-009k.faj8.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752832",
        "to_ids": true,
        "type": "url",
        "uuid": "d04f81e4-5c48-462e-bf13-683708f95ae7",
        "value": "https://new-link-update-nhcr52.dwwb41.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752853",
        "to_ids": true,
        "type": "url",
        "uuid": "324e6963-6aad-4374-8681-b136a54e5745",
        "value": "https://tng-ewallet-chc5x7.uncategori-v3.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752874",
        "to_ids": true,
        "type": "url",
        "uuid": "b790db4a-b55e-4908-b97b-5bc8fa234601",
        "value": "https://tng-ewallet-ch7v1.qx0-b5.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752895",
        "to_ids": true,
        "type": "url",
        "uuid": "7d9eff67-1a88-4105-b68f-005b940adb1d",
        "value": "https://tng-ewallet-xvcy8.fast-x9.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752917",
        "to_ids": true,
        "type": "url",
        "uuid": "3ab8d213-0223-4871-a7b9-829402a0bba9",
        "value": "https://tng-ewallet-gxk7v3.zx88c.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752938",
        "to_ids": true,
        "type": "url",
        "uuid": "daf6720b-933a-4e05-b756-bdafc9ccaefa",
        "value": "https://tbg-ewallet-xdt42.qif7.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752960",
        "to_ids": true,
        "type": "url",
        "uuid": "c38b8d0e-d1f4-406d-97a4-608876e21226",
        "value": "https://tng-ewallet-chx9m.axf66.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773752981",
        "to_ids": true,
        "type": "url",
        "uuid": "5867e446-d88a-48ad-8a5c-21e3727d7110",
        "value": "https://tng-ewallet-ex73f.afc88v.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753002",
        "to_ids": true,
        "type": "url",
        "uuid": "83b72a8d-f248-4911-8af8-165d62ad99fd",
        "value": "https://tng-digital-bc882x.qx0-b5.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753023",
        "to_ids": true,
        "type": "url",
        "uuid": "5f70fdd1-296c-452e-b395-07aa7add1860",
        "value": "https://bantuan-ewallet-2026.zx88c.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753044",
        "to_ids": true,
        "type": "url",
        "uuid": "dce158d2-c651-498a-a21a-25d31779b5df",
        "value": "https://tng-digital-cfx008.exc-k7.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753065",
        "to_ids": true,
        "type": "url",
        "uuid": "2a276048-f2e4-4a16-aceb-bb1075c2f961",
        "value": "https://tng-ewalet2026-vx9.regis-x8.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753086",
        "to_ids": true,
        "type": "url",
        "uuid": "a3bef154-6535-40a3-9922-f241c552bdb8",
        "value": "https://bantuan-tng-ewallet-fj2z8.xxx55.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753108",
        "to_ids": true,
        "type": "url",
        "uuid": "01b62755-8f38-4b40-9aa1-b82bbf657821",
        "value": "https://tng-ewallet-ic5s80.zx88.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753130",
        "to_ids": true,
        "type": "url",
        "uuid": "84692249-3cca-4a70-b5e5-b04dec637783",
        "value": "https://bantuan-tng-ewallet-ckf772f.vip-66dx.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753150",
        "to_ids": true,
        "type": "url",
        "uuid": "244ab921-cf96-49ad-85ae-f3ca62574f84",
        "value": "https://bantuan-tng-ewallet-dgp85.saft88.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753172",
        "to_ids": true,
        "type": "url",
        "uuid": "a2fbd697-01fd-4259-88ec-214c7ff669c2",
        "value": "https://bantuan-ewallet-tng-2025-my76c08.gvw08d.my.id/",
        "Tag": [
          {
            "colour": "#342294",
            "local": false,
            "name": "CommentAdded",
            "relationship_type": ""
          }
        ]
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1773753193",
        "to_ids": true,
        "type": "url",
        "uuid": "bc8b37b7-5a69-4c13-87c4-5a4301e65f9f",
        "value": "http://bantuan-ewallet-tng-2025-my76c08.gvw08d.my.id/",
        "Tag": [
          {
            "colour": "#f08989",
            "local": false,
            "name": "NotFoundError",
            "relationship_type": ""
          }
        ]
      }
    ]
  }
}