RESEARCH REPORT
Common Information
Type Value
UUID 4fe28d7e-d5f2-4362-bc28-8b2d9636c1f6
Fingerprint 31a8b8d16d7c38081658e63b89389120b35aed1fc9882f42c796e92f489a737c
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 15, 2021, 12:13 p.m.
Added to db March 9, 2024, 11:24 p.m.
Last updated Aug. 30, 2024, 10:13 p.m.
Headline RESEARCH REPORT
Title RESEARCH REPORT
Detected Hints/Tags/Attributes 98/3/181
Attributes
Details Type #Events CTI Value
Details CVE 45
cve-2021-1732
Details CVE 48
cve-2021-26411
Details CVE 8
cve-2021-21148
Details CVE 7
cve-2021-34448
Details CVE 7
cve-2021-30665
Details CVE 4
cve-2021-30666
Details Threat Actor Identifier - APT-C 1
APT-C-59
Details Threat Actor Identifier - APT-C 26
APT-C-60
Details Threat Actor Identifier - APT-C 19
APT-C-01
Details Threat Actor Identifier - APT-C 22
APT-C-08
Details Threat Actor Identifier - APT-C 44
APT-C-00
Details Threat Actor Identifier - APT-C 24
APT-C-06
Details Threat Actor Identifier - APT-C 7
APT-C-48
Details Threat Actor Identifier - APT-C 15
APT-C-55
Details Threat Actor Identifier - APT-C 7
APT-C-24
Details Threat Actor Identifier - APT-C 3
APT-C-47
Details Threat Actor Identifier - APT-C 102
APT-C-35
Details Threat Actor Identifier - APT-C 14
APT-C-56
Details Threat Actor Identifier - APT-C 30
APT-C-26
Details Threat Actor Identifier - APT-C 2
APT-C-30
Details Threat Actor Identifier - APT-C 2
APT-C-54
Details Threat Actor Identifier - APT-C 9
APT-C-20
Details Threat Actor Identifier - APT-C 4
APT-C-25
Details Threat Actor Identifier - APT-C 2
APT-C-29
Details Threat Actor Identifier - APT-C 5
APT-C-41
Details Threat Actor Identifier - APT-C 79
APT-C-23
Details Threat Actor Identifier - APT-C 15
APT-C-28
Details Threat Actor Identifier - APT 664
APT29
Details Threat Actor Identifier - APT 783
APT28
Details Threat Actor Identifier - APT 259
APT34