27 May 2021 MI-000148-MW APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity
Common Information
| Type | Value |
|---|---|
| UUID | 0508a9ca-141c-4a96-990d-3caf384e2321 |
| Fingerprint | 42ee88995d06cb3e3d0c5ebc6586bc25e533e913ab7cf73d846d21066d810a65 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 27, 2021, 10:46 a.m. |
| Added to db | April 14, 2024, 9:13 a.m. |
| Last updated | Aug. 31, 2024, 6:58 a.m. |
| Headline | 27 May 2021 MI-000148-MW APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity |
| Title | 27 May 2021 MI-000148-MW APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity |
| Detected Hints/Tags/Attributes | 45/1/18 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ic3.gov/Media/News/2021/210527.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 150 | cve-2018-13379 |
|
| Details | CVE | 11 | cve-2019-5591 |
|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 167 | www.ic3.gov |
|
| Details | File | 6 | audio.exe |
|
| Details | File | 15 | frpc.exe |
|
| Details | File | 1 | 3_windows_amd64.zip |
|
| Details | File | 5 | frps.exe |
|
| Details | File | 2 | 0_windows_amd64.zip |
|
| Details | md5 | 2 | b90f05b5e705e0b0cb47f51b985f84db |
|
| Details | md5 | 1 | 93a138801d9601e4c36e6274c8b9d111 |
|
| Details | md5 | 1 | 26f330dadcdd717ef575aa5bfcdbe76a |
|
| Details | md5 | 2 | 91802a615b3a5c4bcc05bc5f66a5b219 |
|
| Details | sha1 | 3 | 5bd0690247dc1e446916800af169270f100d089b |
|
| Details | sha1 | 2 | c4160aa55d092cf916a98f3b3ee8b940f2755053 |
|
| Details | Url | 1 | https://github.com/fatedier/frp/releases/download/v0.34.3 |
|
| Details | Url | 1 | https://github.com/fatedier/frp/releases/download/v0.33.0 |
|
| Details | Url | 26 | https://www.ic3.gov/pifsurvey |