SECURITY REIMAGINED
Common Information
| Type | Value |
|---|---|
| UUID | 1cec643a-4c65-43a6-a113-f703bd8710b6 |
| Fingerprint | 432da0f728888db16f6c4053a8b30af91de8443efcc3558b708adf8d68b452d4 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 27, 2014, 3:28 p.m. |
| Added to db | May 14, 2024, 9:23 p.m. |
| Last updated | Aug. 31, 2024, 8:49 a.m. |
| Headline | SECURITY REIMAGINED |
| Title | SECURITY REIMAGINED |
| Detected Hints/Tags/Attributes | 219/3/122 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://cyber-peace.org/wp-content/uploads/2015/06/fireeye-apt28.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 35 | fireeye.com |
|
| Details | Domain | 124 | www.nytimes.com |
|
| Details | Domain | 4 | police.ge |
|
| Details | Domain | 3 | mia.ge.gov |
|
| Details | Domain | 3 | uropa.eu |
|
| Details | Domain | 184 | www.fireeye.com |
|
| Details | Domain | 6 | www.freedomhouse.org |
|
| Details | Domain | 3 | www.upi.com |
|
| Details | Domain | 3 | voiceofrussia.com |
|
| Details | Domain | 3 | kavkazcentr.info |
|
| Details | Domain | 3 | kavkazcenter.com |
|
| Details | Domain | 3 | rnil.am |
|
| Details | Domain | 3 | mil.am |
|
| Details | Domain | 9 | malware.prevenity.com |
|
| Details | Domain | 3 | baltichost.org |
|
| Details | Domain | 4 | standartnevvs.com |
|
| Details | Domain | 4 | standartnews.com |
|
| Details | Domain | 4 | novinitie.com |
|
| Details | Domain | 3 | n0vinite.com |
|
| Details | Domain | 5 | novinite.com |
|
| Details | Domain | 3 | qov.hu.com |
|
| Details | Domain | 3 | gov.hu |
|
| Details | Domain | 3 | q0v.pl |
|
| Details | Domain | 3 | mail.q0v.pl |
|
| Details | Domain | 16 | gov.pl |
|
| Details | Domain | 3 | mail.gov.pl |
|
| Details | Domain | 5 | poczta.mon.q0v.pl |
|
| Details | Domain | 3 | poczta.mon.gov.pl |
|
| Details | Domain | 3 | www.mil.ee |
|
| Details | Domain | 3 | www.kam.lt |
|
| Details | Domain | 16 | rt.com |
|
| Details | Domain | 3 | nato.nshq.in |
|
| Details | Domain | 3 | nshq.nato.int |
|
| Details | Domain | 4 | natoexhibitionff14.com |
|
| Details | Domain | 4 | natoexhibition.org |
|
| Details | Domain | 5 | login-osce.org |
|
| Details | Domain | 4 | osce.org |
|
| Details | Domain | 4 | online.co.uk |
|
| Details | Domain | 246 | mail.ru |
|
| Details | Domain | 3 | ae.norton.com |
|
| Details | Domain | 3 | mia.gov.ge |
|
| Details | Domain | 201 | msdn.microsoft.com |
|
| Details | Domain | 3 | adawareblock.com |
|
| Details | Domain | 4 | windows-updater.com |
|
| Details | Domain | 3 | adobeincorp.com |
|
| Details | Domain | 3 | windous.kz |
|
| Details | Domain | 3 | wind0ws.kz |
|
| Details | Domain | 3 | dr.house |
|
| Details | 3 | nato_smtp@mail.ru |
||
| Details | 3 | nato_pop@mail.ru |
||
| Details | 14 | info@fireeye.com |
||
| Details | File | 3 | 13cyber.html |
|
| Details | File | 9 | 26cyber.html |
|
| Details | File | 3 | press-release_memo-14-430_en.htm |
|
| Details | File | 3 | operation-saffron-rose.html |
|
| Details | File | 4 | malware-info.html |
|
| Details | File | 40 | gov.pl |
|
| Details | File | 21 | www.mil |
|
| Details | File | 3 | support_for_the_training_audience_of_exercise_saber_strike_2014_and_repelling_faked_cyber-attacks.html |
|
| Details | File | 6 | netids.dll |
|
| Details | File | 8 | coreshell.dll |
|
| Details | File | 4 | netui.dll |
|
| Details | File | 3 | winids.dll |
|
| Details | File | 3 | %temp%\chkdbg.log |
|
| Details | File | 3 | print_writeup.jsp |
|
| Details | File | 3 | cc194810.aspx |
|
| Details | File | 3 | dd318693.aspx |
|
| Details | File | 3 | cooperation.doc |
|
| Details | File | 5 | %localappdata%\svchost.exe |
|
| Details | File | 3 | %localappdata%\conhost.dll |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 199 | firefox.exe |
|
| Details | File | 263 | iexplore.exe |
|
| Details | File | 173 | outlook.exe |
|
| Details | File | 73 | opera.exe |
|
| Details | File | 8 | bat.exe |
|
| Details | File | 15 | msimn.exe |
|
| Details | File | 2 | vpngui.exe |
|
| Details | File | 2 | ipseca.exe |
|
| Details | File | 2 | ipsecc.exe |
|
| Details | File | 7 | openvpn.exe |
|
| Details | File | 8 | openssl.exe |
|
| Details | File | 50 | 3.exe |
|
| Details | File | 15 | msmsgs.exe |
|
| Details | File | 40 | wuauclt.exe |
|
| Details | File | 271 | chrome.exe |
|
| Details | File | 58 | thebat.exe |
|
| Details | File | 87 | skype.exe |
|
| Details | File | 2 | %allusersprofile%\edg6ef885e2.tmp |
|
| Details | File | 3 | edg6ef885e2.tmp |
|
| Details | File | 2126 | cmd.exe |
|
| Details | File | 2 | updatewindws.exe |
|
| Details | File | 1205 | index.php |
|
| Details | md5 | 3 | 272f0fde35dbdfccbca1e33373b3570d |
|
| Details | md5 | 3 | 8b92fe86c5b7a9e34f433a6fbac8bc3a |
|
| Details | md5 | 3 | 9eebfebe3987fec3c395594dc57a0c4c |
|
| Details | md5 | 3 | da2a657dc69d7320f2ffc87013f257ad |
|
| Details | md5 | 3 | 1259c4fe5efd9bf07fc4c78466f2dd09 |
|
| Details | md5 | 3 | 3b0ecd011500f61237c205834db0e13a |
|
| Details | md5 | 3 | 5882fda97fdf78b47081cc4105d44f7c |
|
| Details | md5 | 3 | 791428601ad12b9230b9ace4f2138713 |
|
| Details | md5 | 3 | ead4ec18ebce6890d20757bb9f5285b1 |
|
| Details | md5 | 3 | 48656a93f9ba39410763a2196aabc67f |
|
| Details | md5 | 3 | 8c4fa713c5e2b009114adda758adc445 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Threat Actor Identifier - APT | 18 | APT12 |
|
| Details | Url | 2 | http://www.nytimes.com/2008/08/13/technology/13cyber.html |
|
| Details | Url | 2 | http://www.nytimes.com/2010/08/26 |
|
| Details | Url | 2 | http://police.ge/en/home |
|
| Details | Url | 2 | http://www.fireeye.com/blog/technical |
|
| Details | Url | 2 | http://www.freedomhouse.org/report/freedom-press/2013/russia#.vd8fe9r4rew |
|
| Details | Url | 2 | http://www.upi.com/top_news/2004/11/16/chechen-website-promotes- |
|
| Details | Url | 2 | http://voiceofrussia.com/news/2013_05_15/lavrov-urges- |
|
| Details | Url | 2 | http://malware.prevenity.com/2014/08/malware-info.html |
|
| Details | Url | 2 | http://www.mil.ee/en |
|
| Details | Url | 2 | http://www.kam.lt/en/news_1098/current_issues/baltic_host_2014_rendering_host_nation_ |
|
| Details | Url | 2 | http://rt.com/news/164772-saber-strike- |
|
| Details | Url | 2 | http://ae.norton.com/security_response/print_writeup.jsp?docid=2004 |
|
| Details | Url | 2 | http://msdn.microsoft.com/en-us/library/cc194810.aspx |
|
| Details | Url | 2 | http://msdn.microsoft.com/en-us/library/dd318693.aspx |
|
| Details | Windows Registry Key | 3 | HKU\S-1-5-19_Classes\Software\Microsoft\MediaPlayer |
|
| Details | Windows Registry Key | 2 | HKU\S-1-5-19 |