Chinese State-Sponsored Group 'RedDelta' Targets the Vatican and Catholic Organizations
Common Information
| Type | Value |
|---|---|
| UUID | 084aa71a-9acb-4306-9ec5-54dfeb4e8778 |
| Fingerprint | 26662167edfa3ed1c2727996f9d40b20f86680fbf30b68029e2e83f80f4c8b49 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 28, 2020, 9:10 p.m. |
| Added to db | March 10, 2024, 12:57 a.m. |
| Last updated | Aug. 30, 2024, 10:29 p.m. |
| Headline | Chinese State-Sponsored Group 'RedDelta' Targets the Vatican and Catholic Organizations |
| Title | Chinese State-Sponsored Group 'RedDelta' Targets the Vatican and Catholic Organizations |
| Detected Hints/Tags/Attributes | 147/4/106 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://go.recordedfuture.com/hubfs/reports/cta-2020-0728.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 546 | www.recordedfuture.com |
|
| Details | Domain | 3 | cabsecnow.com |
|
| Details | Domain | 2 | cab-sec.com |
|
| Details | Domain | 4 | ipsoftwarelabs.com |
|
| Details | Domain | 4 | systeminfor.com |
|
| Details | Domain | 2 | lameers.com |
|
| Details | Domain | 5 | web.miscrosaft.com |
|
| Details | Domain | 4 | lib.jsquerys.net |
|
| Details | Domain | 5 | lib.hostareas.com |
|
| Details | Domain | 2 | sbicabsec.com |
|
| Details | Domain | 3 | forexdualsystem.com |
|
| Details | Domain | 3 | lionforcesystems.com |
|
| Details | Domain | 5 | apple-net.com |
|
| Details | Domain | 4 | wbemsystem.com |
|
| Details | Domain | 2 | hostareas.com |
|
| Details | Domain | 3 | svrhosts.com |
|
| Details | Domain | 3 | strust.club |
|
| Details | Domain | 3 | svchosts.com |
|
| Details | Domain | 2 | law.zip |
|
| Details | Domain | 5 | www.systeminfor.com |
|
| Details | Domain | 2 | 491.189.zip |
|
| Details | Domain | 3 | dat.read |
|
| Details | File | 3 | law.doc |
|
| Details | File | 9 | lib.js |
|
| Details | File | 2 | law.zip |
|
| Details | File | 2 | law.exe |
|
| Details | File | 33 | wwlib.dll |
|
| Details | File | 2 | hk.dat |
|
| Details | File | 2 | law.docx |
|
| Details | File | 2 | hk.exe |
|
| Details | File | 7 | updates.exe |
|
| Details | File | 9 | hex.dll |
|
| Details | File | 7 | adobeupdate.dat |
|
| Details | File | 323 | winword.exe |
|
| Details | File | 3 | qum.dat |
|
| Details | File | 50 | www.sys |
|
| Details | File | 34 | acrord32.exe |
|
| Details | File | 2 | 441.exe |
|
| Details | File | 9 | acrord32.dll |
|
| Details | File | 2 | dis.dat |
|
| Details | File | 49 | onedrive.exe |
|
| Details | File | 2 | dotnetloader40.exe |
|
| Details | File | 2 | beacon.txt |
|
| Details | File | 4 | dtcla.php |
|
| Details | File | 41 | mpsvc.dll |
|
| Details | File | 2 | 189.zip |
|
| Details | File | 2 | islam.rar |
|
| Details | File | 7 | http_dll.dat |
|
| Details | md5 | 2 | 660d1132888b2a2ff83b695e65452f87 |
|
| Details | md5 | 2 | 2a245c0245809f4a33b5aac894070519 |
|
| Details | md5 | 2 | 2e69b5ed15156e5680334fa88be5d1bd |
|
| Details | md5 | 3 | c6206b8eacabc1dc3578cec2b91c949a |
|
| Details | md5 | 2 | 2ec79d0605a4756f4732aba16ef41b22 |
|
| Details | md5 | 2 | 6060f7dc35c4d43728d5ca5286327c01 |
|
| Details | md5 | 2 | e57f8364372e3ba866389c2895b42628 |
|
| Details | md5 | 2 | 2351F62176D4F3A6429D9C2FF7D444E2 |
|
| Details | md5 | 2 | 9c44ec556d53301d86c13a884128b8de |
|
| Details | md5 | 2 | 977beb9a5a2bd24bf333397c33a0a67e |
|
| Details | md5 | 2 | b613cc3396ae0e9e5461a910bcac8ca5 |
|
| Details | md5 | 2 | 83763fe02f41c1b3ce099f277391732a |
|
| Details | sha1 | 2 | 01c1fd0e5b8b7bbed62bc8a6f7c9ceff1725d4ff |
|
| Details | sha1 | 2 | 1d3b34c473231f148eb3066351c92fb3703d26c6 |
|
| Details | sha1 | 2 | c27f2ed5029418c7f786640fb929460b9f931671 |
|
| Details | sha1 | 2 | c435c75877b39406dbe06e357ef304710d567da9 |
|
| Details | sha1 | 2 | 93e8445862950ef682c2d22a9de929b72547643a |
|
| Details | sha1 | 2 | 304e1eb8ab50b5e28cbbdb280d653efae4052e1f |
|
| Details | sha1 | 2 | 35ff54838cb6db9a1829d110d2a6b47001648f17 |
|
| Details | sha1 | 2 | fb29f04fb4ffb71f623481cffe221407e2256e0a |
|
| Details | sha1 | 2 | 1bdbabe56b4659fca2813a79e972a82a26ef12b1 |
|
| Details | sha1 | 2 | 7c683d3c3590cbc61b5077bc035f4a36cae097d4 |
|
| Details | sha1 | 2 | d7e55b655a2a90998dbab0f921115edc508e1bf9 |
|
| Details | sha1 | 2 | 28746fd20a4032ba5fd3a1a479edc88cd74c3fc9 |
|
| Details | sha1 | 2 | 3ed2d4e3682d678ea640aadbfc08311c6f2081e8 |
|
| Details | sha256 | 2 | 7824eb5f173c43574593bd3afab41a60e0e2ffae80201a9b884721b451e6d935 |
|
| Details | sha256 | 3 | 9bac74c592a36ee249d6e0b086bfab395a37537ec87c2095f999c00b946ae81d |
|
| Details | sha256 | 2 | 86590f80b4e1608d0367a7943468304f7eb665c9195c24996281b1a958bc1512 |
|
| Details | sha256 | 2 | fb7e8a99cf8cb30f829db0794042232acfe7324722cbea89ba8b77ce2dcf1caa |
|
| Details | sha256 | 3 | 282eef984c20cc334f926725cc36ab610b00d05b5990c7f55c324791ab156d92 |
|
| Details | sha256 | 2 | 4cef5835072bb0290a05f9c5281d4a614733f480ba7f1904ae91325a10a15a04 |
|
| Details | sha256 | 2 | f6e5a3a32fb3aaf3f2c56ee482998b09a6ced0a60c38088e7153f3ca247ab1cc |
|
| Details | sha256 | 3 | 8a07c265a20279d4b60da2cc26f2bb041730c90c6d3eca64a8dd9f4a032d85d3 |
|
| Details | sha256 | 2 | bc6c2fda18f8ee36930b469f6500e28096eb6795e5fd17c44273c67bc9fa6a6d |
|
| Details | sha256 | 2 | 01c1fd0e5b8b7bbed62bc8a6f7c9ceff1725d4ff6ee86fa813bf6e70b079812f |
|
| Details | sha256 | 2 | 7d85ebd460df8710d0f60278014654009be39945a820755e1fbd59030c14f4c7 |
|
| Details | sha256 | 3 | 4c8405e1c6531bcb95e863d0165a589ea31f1e623c00bcfd02fbf4f434c2da79 |
|
| Details | IPv4 | 2 | 167.88.180.5 |
|
| Details | IPv4 | 3 | 85.209.43.21 |
|
| Details | IPv4 | 3 | 103.85.24.136 |
|
| Details | IPv4 | 3 | 103.85.24.149 |
|
| Details | IPv4 | 4 | 103.85.24.190 |
|
| Details | IPv4 | 4 | 154.213.21.70 |
|
| Details | IPv4 | 3 | 154.213.21.73 |
|
| Details | IPv4 | 5 | 154.213.21.207 |
|
| Details | IPv4 | 4 | 167.88.180.32 |
|
| Details | IPv4 | 2 | 167.88.180.198 |
|
| Details | IPv4 | 2 | 154.213.21.27 |
|
| Details | IPv4 | 3 | 167.88.177.224 |
|
| Details | IPv4 | 2 | 167.88.180.132 |
|
| Details | Url | 2 | http://167.88.180.198 |
|
| Details | Url | 2 | http://103.85.24.190/qum.dat |
|
| Details | Url | 1 | http://167.88.180.198/dis.dat |
|
| Details | Url | 2 | http://167.88.180.198/hk.dat |
|
| Details | Url | 2 | http://103.85.24.190/qum. |
|
| Details | Url | 1 | http://154.213.21.27/dotnetloader40. |
|
| Details | Url | 1 | http://154.213.21.27/beacon.txt |
|
| Details | Url | 2 | http://154.213.21.70/wp08/wp-includes/dtcla.php |