GreenCharlie Infrastructure Linked to US Political Campaign Targeting
Common Information
| Type | Value |
|---|---|
| UUID | 357e4348-1eff-42b1-990f-7b1ec363443c |
| Fingerprint | 1ba811d71a17b11a2b5d0171867b45a3eda98ec5ba3940f3c18a05b5c3dbe70a |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 19, 2024, 9 p.m. |
| Added to db | Sept. 3, 2024, 10:32 a.m. |
| Last updated | Sept. 3, 2024, 10:37 a.m. |
| Headline | GreenCharlie Infrastructure Linked to US Political Campaign Targeting |
| Title | GreenCharlie Infrastructure Linked to US Political Campaign Targeting |
| Detected Hints/Tags/Attributes | 122/4/151 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://go.recordedfuture.com/hubfs/reports/cta-ir-2024-0820.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Autonomous System Number | 5 | AS58061 |
|
| Details | Autonomous System Number | 40 | AS16276 |
|
| Details | Autonomous System Number | 6 | AS49981 |
|
| Details | Autonomous System Number | 14 | AS9009 |
|
| Details | Autonomous System Number | 1 | AS211381 |
|
| Details | Autonomous System Number | 1 | AS202319 |
|
| Details | Domain | 546 | www.recordedfuture.com |
|
| Details | Domain | 1 | documentcloudeditor.ddnsgeek.com |
|
| Details | Domain | 1 | uptimezonemetadta.run.place |
|
| Details | Domain | 1 | coldwarehexahash.dns-dynamic.net |
|
| Details | Domain | 1 | readquickarticle.dns-dynamic.net |
|
| Details | Domain | 1 | uptime-timezone.dns-dynamic.net |
|
| Details | Domain | 1 | translatorupdater.dns-dynamic.net |
|
| Details | Domain | 1 | activeeditor.info |
|
| Details | Domain | 1 | personalwebview.info |
|
| Details | Domain | 1 | longlivefreedom.ddns.net |
|
| Details | Domain | 1 | hugmefirstddd.ddns.net |
|
| Details | Domain | 1 | icenotebook.ddns.net |
|
| Details | Domain | 1 | softservicetel.ddns.net |
|
| Details | Domain | 1 | configtools.linkpc.net |
|
| Details | Domain | 1 | webviewerpage.info |
|
| Details | Domain | 1 | www.selfpackage.info |
|
| Details | Domain | 1 | selfpackage.info |
|
| Details | Domain | 1 | itemselectionmode.info |
|
| Details | Domain | 1 | termsstatement.duckdns.org |
|
| Details | Domain | 1 | mobiletoolssdk.dns-dynamic.net |
|
| Details | Domain | 1 | researchdocument.info |
|
| Details | Domain | 1 | timelinepage.dns-dynamic.net |
|
| Details | Domain | 1 | searchstatistics.duckdns.org |
|
| Details | Domain | 1 | messagepending.info |
|
| Details | Domain | 1 | www.chatsynctransfer.info |
|
| Details | Domain | 1 | synctimezone.dns-dynamic.net |
|
| Details | Domain | 1 | chatsynctransfer.info |
|
| Details | Domain | 1 | timezone-update.duckdns.org |
|
| Details | Domain | 1 | onetimestorage.info |
|
| Details | Domain | 1 | towerreseller.dns-dynamic.net |
|
| Details | Domain | 1 | api.overall-continuing.site |
|
| Details | Domain | 1 | backend.cheap-case.site |
|
| Details | Domain | 1 | admin.cheap-case.site |
|
| Details | Domain | 1 | demo.cheap-case.site |
|
| Details | Domain | 1 | dev.cheap-case.site |
|
| Details | Domain | 1 | app.cheap-case.site |
|
| Details | Domain | 1 | api.cheap-case.site |
|
| Details | Domain | 1 | editioncloudfiles.dns-dynamic.net |
|
| Details | Domain | 1 | fileeditiontools.linkpc.net |
|
| Details | Domain | 1 | entryconfirmation.duckdns.org |
|
| Details | Domain | 1 | doceditor.duckdns.org |
|
| Details | Domain | 1 | projectdrivevirtualcloud.co.uk |
|
| Details | Domain | 1 | continueresource.forumz.info |
|
| Details | Domain | 1 | destinationzone.duia.eu |
|
| Details | Domain | 1 | onlinecloudzone.info |
|
| Details | Domain | 1 | storageprovider.duia.eu |
|
| Details | Domain | 1 | lineeditor.32-b.it |
|
| Details | Domain | 1 | lineeditor.001www.com |
|
| Details | Domain | 1 | lineeditor.mypi.co |
|
| Details | Domain | 1 | dynamicrender.line.pm |
|
| Details | Domain | 1 | nextcloudzone.dns-dynamic.net |
|
| Details | Domain | 1 | realpage.redirectme.net |
|
| Details | Domain | 1 | sharestoredocs.theworkpc.com |
|
| Details | Domain | 1 | thisismyapp.accesscam.org |
|
| Details | Domain | 1 | thisismydomain.chickenkiller.com |
|
| Details | Domain | 1 | pagerendercloud.linkpc.net |
|
| Details | Domain | 1 | splitviewer.linkpc.net |
|
| Details | Domain | 1 | pageviewer.linkpc.net |
|
| Details | Domain | 1 | preparingdestination.fixip.org |
|
| Details | Domain | 1 | joincloud.mypi.co |
|
| Details | Domain | 1 | joincloud.duckdns.org |
|
| Details | Domain | 1 | realcloud.info |
|
| Details | Domain | 1 | directfileinternal.info |
|
| Details | Domain | 1 | sourceusedirection.mypi.co |
|
| Details | Domain | 1 | viewdestination.vpndns.net |
|
| Details | Domain | 1 | overflow.duia.eu |
|
| Details | Domain | 1 | tracedestination.duia.eu |
|
| Details | Domain | 1 | continue.duia.eu |
|
| Details | Domain | 1 | linereview.duia.eu |
|
| Details | Domain | 1 | highlightsreview.line.pm |
|
| Details | Domain | 1 | nextcloud.duia.us |
|
| Details | Domain | 1 | smartview.dns-dynamic.net |
|
| Details | Domain | 1 | contentpreview.redirectme.net |
|
| Details | Domain | 1 | finaledition.redirectme.net |
|
| Details | Domain | 1 | dynamictranslator.ddnsgeek.com |
|
| Details | Domain | 1 | personalstoragebox.linkpc.net |
|
| Details | Domain | 1 | personalcloudparent.info |
|
| Details | Domain | 1 | cloudarchive.info |
|
| Details | Domain | 1 | cloudregionpages.info |
|
| Details | Domain | 1 | streaml23.duia.eu |
|
| Details | Domain | 1 | pkglessplans.xyz |
|
| Details | Domain | 1 | worldstate.duia.us |
|
| Details | Domain | 1 | callfeedback.duia.ro |
|
| Details | Domain | 1 | reviewedition.duia.eu |
|
| Details | Domain | 1 | filereader.dns-dynamic.net |
|
| Details | Domain | 1 | vector.kozow.com |
|
| Details | Domain | 1 | cloudtools.duia.eu |
|
| Details | Domain | 265 | recordedfuture.com |
|
| Details | sha256 | 2 | c3486133783379e13ed37c45dc6645cbee4c1c6e62e7988722931eef99c8eaf3 |
|
| Details | sha256 | 2 | 33a61ff123713da26f45b399a9828e29ad25fbda7e8994c954d714375ef92156 |
|
| Details | sha256 | 2 | 4ac088bf25d153ec2b9402377695b15a28019dc8087d98bd34e10fed3424125f |
|
| Details | IPv4 | 1 | 172.86.77.85 |
|
| Details | IPv4 | 1 | 38.180.146.219 |
|
| Details | IPv4 | 1 | 45.137.213.145 |
|
| Details | IPv4 | 1 | 38.180.123.113 |
|
| Details | IPv4 | 1 | 38.180.123.135 |
|
| Details | IPv4 | 4 | 38.180.146.194 |
|
| Details | IPv4 | 4 | 38.180.146.174 |
|
| Details | IPv4 | 1 | 185.241.61.86 |
|
| Details | IPv4 | 1 | 37.148.63.24 |
|
| Details | IPv4 | 1 | 93.119.48.60 |
|
| Details | IPv4 | 1 | 5.106.153.245 |
|
| Details | IPv4 | 1 | 5.106.169.235 |
|
| Details | IPv4 | 1 | 5.106.185.98 |
|
| Details | IPv4 | 1 | 5.106.202.101 |
|
| Details | IPv4 | 1 | 5.106.219.243 |
|
| Details | IPv4 | 1 | 185.166.104.3 |
|
| Details | IPv4 | 1 | 185.166.104.4 |
|
| Details | IPv4 | 1 | 193.111.236.130 |
|
| Details | IPv4 | 1 | 94.74.175.209 |
|
| Details | IPv4 | 1 | 185.143.233.120 |
|
| Details | IPv4 | 1 | 94.74.145.184 |
|
| Details | IPv4 | 1 | 37.255.251.17 |
|
| Details | IPv4 | 1 | 185.159.159.140 |
|
| Details | IPv4 | 1 | 185.70.42.45 |
|
| Details | IPv4 | 1 | 185.159.159.148 |
|
| Details | IPv4 | 1 | 185.70.42.37 |
|
| Details | IPv4 | 1 | 149.22.84.139 |
|
| Details | IPv4 | 1 | 146.70.174.66 |
|
| Details | IPv4 | 1 | 146.70.194.50 |
|
| Details | IPv4 | 1 | 169.150.226.161 |
|
| Details | IPv4 | 1 | 38.180.123.231 |
|
| Details | IPv4 | 1 | 146.70.95.251 |
|
| Details | IPv4 | 1 | 91.232.105.185 |
|
| Details | IPv4 | 1 | 54.39.143.112 |
|
| Details | IPv4 | 1 | 38.180.91.213 |
|
| Details | IPv4 | 1 | 38.180.123.187 |
|
| Details | IPv4 | 1 | 38.180.146.214 |
|
| Details | IPv4 | 1 | 38.180.146.212 |
|
| Details | IPv4 | 1 | 38.180.123.234 |
|
| Details | IPv4 | 1 | 38.180.146.252 |
|
| Details | IPv4 | 1 | 37.1.194.250 |
|
| Details | MITRE ATT&CK Techniques | 82 | T1583.001 |
|
| Details | MITRE ATT&CK Techniques | 15 | T1585.002 |
|
| Details | MITRE ATT&CK Techniques | 310 | T1566.001 |
|
| Details | MITRE ATT&CK Techniques | 183 | T1566.002 |
|
| Details | MITRE ATT&CK Techniques | 460 | T1059.001 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1059.004 |
|
| Details | MITRE ATT&CK Techniques | 380 | T1547.001 |
|
| Details | MITRE ATT&CK Techniques | 275 | T1053.005 |
|
| Details | MITRE ATT&CK Techniques | 1006 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 433 | T1057 |
|
| Details | MITRE ATT&CK Techniques | 442 | T1071.001 |
|
| Details | Threat Actor Identifier - APT | 121 | APT42 |
|
| Details | Threat Actor Identifier by Recorded Future | 6 | TAG-56 |