Microsoft Word - Earth Karkaddan Tech Brief_ed_CC.docx
Common Information
| Type | Value |
|---|---|
| UUID | 05fb5c3c-d49c-43d8-b7bd-c3e259993f8d |
| Fingerprint | b1e66ddc869820190487fc421b7db38660ed19aac9250df0be5db927198e987b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | None |
| Added to db | April 14, 2024, 3:21 a.m. |
| Last updated | Aug. 31, 2024, 6:32 a.m. |
| Headline | Microsoft Word - Earth Karkaddan Tech Brief_ed_CC.docx |
| Title | Microsoft Word - Earth Karkaddan Tech Brief_ed_CC.docx |
| Detected Hints/Tags/Attributes | 104/3/38 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | stealthagent.vi |
|
| Details | Domain | 3 | mdkhm.zip |
|
| Details | Domain | 5 | sharingmymedia.com |
|
| Details | Domain | 3 | android.viral91.xyz |
|
| Details | Domain | 3 | viral91.xyz |
|
| Details | Domain | 15 | android.permission.camera |
|
| Details | Domain | 138 | www.darkreading.com |
|
| Details | Domain | 208 | mp.weixin.qq.com |
|
| Details | Domain | 11 | www.amnesty.org |
|
| Details | Domain | 20 | www.seqrite.com |
|
| Details | Domain | 261 | blog.talosintelligence.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 58 | ti.qianxin.com |
|
| Details | Domain | 5 | team-cymru.com |
|
| Details | File | 3 | mdkhm.zip |
|
| Details | File | 3 | dlrarhsiva.exe |
|
| Details | File | 2 | 1more-details.doc |
|
| Details | File | 1 | new.apk |
|
| Details | File | 5 | campaign.html |
|
| Details | sha1 | 3 | 74bd7b456d9e651fc84446f65041bef1207c408d |
|
| Details | sha256 | 2 | d9979a41027fe790399edebe5ef8765f61e1eb1a4ee1d11690b4c2a0aa38ae42 |
|
| Details | sha256 | 1 | 8cb542f5793279b8a11af28e9352f41d400856a28e40ed1daa323b47f9ea3e3c |
|
| Details | IPv4 | 3 | 209.127.19.241 |
|
| Details | Threat Actor Identifier - APT-C | 14 | APT-C-56 |
|
| Details | Threat Actor Identifier - APT | 121 | APT36 |
|
| Details | Url | 1 | https://www.darkreading.com/threat-intelligence/-obliquerat-now-hides-behind- |
|
| Details | Url | 1 | https://www.trendmicro.com/en_us/research/16/c/indian-military-personnel-targeted-by-information-theft- |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/xum2x89gub8up6otn612fg. |
|
| Details | Url | 1 | https://www.kaspersky.com/about/press-releases/2020_a-look-into-transparent-tribe-the-prolific-espionage- |
|
| Details | Url | 1 | https://www.techrepublic.com/article/compromising-a-government-network-is-so-simple-an-out-of-the-box-dark- |
|
| Details | Url | 1 | https://www.amnesty.org/en/documents/asa33/8366/2018/en/. |
|
| Details | Url | 1 | https://www.seqrite.com/blog/operation-honey-trap-apt36-targets-defense- |
|
| Details | Url | 1 | https://mp.weixin.qq.com/s/elydvdmiiy4fz3kpmaddzq. |
|
| Details | Url | 1 | https://blog.talosintelligence.com/2021/02/obliquerat-new- |
|
| Details | Url | 1 | https://securelist.com/transparent-tribe-part-2/98233/. |
|
| Details | Url | 1 | https://ti.qianxin.com/blog/articles/another-targeted-attack-on- |
|
| Details | Url | 1 | https://team-cymru.com/blog/2021/07/02/transparent-tribe-apt-infrastructure-mapping-2/. |
|
| Details | Windows Registry Key | 112 | HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |