Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments
Common Information

| Type | Value |
|---|---|
| UUID | 235b144c-a10b-4517-897b-330c0d931dc1 |
| Fingerprint | d4b5e6658e994f3a98ed23fc1f907c8d34a38aa0d5edba4170b2ce4cef4dea90 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | May 7, 2020, 5:04 p.m. |
| Added to db | March 10, 2024, 12:24 a.m. |
| Last updated | Aug. 30, 2024, 10:34 p.m. |
| Headline | Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments |
| Title | Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments |
| Detected Hints/Tags/Attributes | 179/3/111 |
Attributes

| Type | #Events | Value |
|---|---|---|
| File | 1018 | rundll32.exe |
| File | 1 | flash_en.exe |
| File | 1260 | explorer.exe |
| File | 1 | %userprofile%\documents\flash\flash_en.exe |
| File | 1 | c:\users\public\documents\flash\flash_en.exe |
| File | 2 | flash_en.inf |
| File | 1 | flash.dat |
| File | 2 | flash_en.dat |
| File | 1122 | svchost.exe |
| File | 54 | file.exe |
| File | 2125 | cmd.exe |
| File | 2 | about.aspx |
| File | 172 | dllhost.exe |
| File | 1 | trend.png |
| File | 1 | hpball.png |
| File | 1 | asia.png |
| File | 1 | falcon.png |
| File | 17 | icon.png |
| File | 1 | tipc.png |
| MITRE ATT&CK Technique | 55 | T1091 |
| MITRE ATT&CK Technique | 52 | T1199 |
| MITRE ATT&CK Technique | 306 | T1078 |
| MITRE ATT&CK Technique | 27 | T1085 |
| MITRE ATT&CK Technique | 80 | T1064 |
| MITRE ATT&CK Technique | 420 | T1204 |
| MITRE ATT&CK Technique | 42 | T1158 |
| MITRE ATT&CK Technique | 279 | T1060 |
| MITRE ATT&CK Technique | 7 | T1100 |
| MITRE ATT&CK Technique | 440 | T1055 |
| MITRE ATT&CK Technique | 504 | T1140 |
| MITRE ATT&CK Technique | 67 | T1107 |
| MITRE ATT&CK Technique | 11 | T1093 |
| MITRE ATT&CK Technique | 585 | T1083 |
| MITRE ATT&CK Technique | 433 | T1057 |
| MITRE ATT&CK Technique | 65 | T1069 |
| MITRE ATT&CK Technique | 1006 | T1082 |
| MITRE ATT&CK Technique | 245 | T1016 |
| MITRE ATT&CK Technique | 230 | T1033 |
| MITRE ATT&CK Technique | 83 | T1534 |
| MITRE ATT&CK Technique | 492 | T1105 |
| MITRE ATT&CK Technique | 17 | T1077 |
| MITRE ATT&CK Technique | 111 | T1119 |
| MITRE ATT&CK Technique | 534 | T1005 |
| MITRE ATT&CK Technique | 34 | T1025 |
| MITRE ATT&CK Technique | 67 | T1074 |
| MITRE ATT&CK Technique | 60 | T1043 |
| MITRE ATT&CK Technique | 9 | T1092 |
| MITRE ATT&CK Technique | 23 | T1094 |
| MITRE ATT&CK Technique | 22 | T1024 |
| MITRE ATT&CK Technique | 75 | T1001 |
| MITRE ATT&CK Technique | 41 | T1008 |
| MITRE ATT&CK Technique | 159 | T1095 |
| MITRE ATT&CK Technique | 444 | T1071 |
| MITRE ATT&CK Technique | 102 | T1020 |
| MITRE ATT&CK Technique | 28 | T1022 |
| MITRE ATT&CK Technique | 422 | T1041 |
| MITRE ATT&CK Technique | 107 | T1496 |
| Pdb | 1 | e:\work\vs project\usbferry_for_ph\bin\install_exe.pdb |
| Pdb | 1 | e:\work\vs project\usbferry_for_ph\print\install_exe.pdb |
| Pdb | 1 | e:\work\vs project\usbferry_copyfile_20150331\bin\install_exe.pdb |
| Pdb | 1 | d:\work\vs\usbferry_v2\bin\usbferry.pdb |
| Pdb | 1 | d:\work\vs\usbferry_v2\release\addautorun_x32.pdb |
| Pdb | 1 | d:\work\vs\usbferry_v3\bin\ufloader.pdb |
| Pdb | 1 | d:\work\vs\usbferry_v3\bin\usbferry.pdb |
| Url | 1 | http://ip/a.exe |
| Windows Registry Key | 36 | HKEY_CURRENT_USER\Software\Microsoft\Windows |