Global Advanced Persistent Threat (APT) 2018 Mid-Year Report
Common Information
Type Value
UUID 46899ec9-f3e5-4d5f-a275-6c24a2e667de
Fingerprint a22191a6b6c3e9f071c44294dd73712b314869f99a33faa7e54440d7bd46eee2
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 1, 2018, 3:47 p.m.
Added to db April 5, 2024, 3:45 p.m.
Last updated Aug. 31, 2024, 6:01 a.m.
Headline Global Advanced Persistent Threat (APT) 2018 Mid-Year Report
Title Global Advanced Persistent Threat (APT) 2018 Mid-Year Report
Detected Hints/Tags/Attributes 89/3/92
Attributes
Details Type #Events CTI Value
Details CVE 269
cve-2017-0199
Details CVE 375
cve-2017-11882
Details CVE 63
cve-2017-8570
Details CVE 117
cve-2018-0802
Details CVE 17
cve-2018-4990
Details CVE 32
cve-2018-8120
Details CVE 92
cve-2018-4878
Details CVE 106
cve-2018-8174
Details CVE 14
cve-2018-5002
Details File 23
vbscript.dll
Details File 12
msfte.dll
Details File 4
ntwdblib.dll
Details File 9
cliconfg.exe
Details File 27
searchindexer.exe
Details File 1
y-blackhat-proxies-via-nat-injections-white-paper.pdf
Details File 1
ddle-east-by-apt34.html
Details File 6
vpnfilter.html
Details File 1
20180531covellite.html
Details File 1
th-korean-actor.html
Details File 7
korea-in-crosshairs.html
Details File 43
0.pdf
Details File 4
1101061855.php
Details md5 3
4d174e45ef5843a0ba82e804f080988f
Details IPv4 2
31.9.48.183
Details IPv4 2
82.137.255.56
Details IPv4 1
82.137.255.57
Details Threat Actor Identifier - APT-C 19
APT-C-01
Details Threat Actor Identifier - APT-C 17
APT-C-27
Details Threat Actor Identifier - APT-C 24
APT-C-06
Details Threat Actor Identifier - APT-C 102
APT-C-35
Details Threat Actor Identifier - APT-C 11
APT-C-12
Details Threat Actor Identifier - APT 783
APT28
Details Threat Actor Identifier - APT 258
APT34
Details Threat Actor Identifier - APT 665
APT29
Details Threat Actor Identifier - APT 277
APT37