Operation Cloud Hopper
Common Information
| Type | Value |
|---|---|
| UUID | 772be9ce-2bdb-4dbd-a8b2-0cfee6314bd5 |
| Fingerprint | 8da2fdd15a79d777a17efb0adb6fc15ea9ff64edde8ea743395235f2816356c3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 4, 2017, 8:13 a.m. |
| Added to db | May 14, 2024, 9:31 p.m. |
| Last updated | Aug. 31, 2024, 8:49 a.m. |
| Headline | Operation Cloud Hopper |
| Title | Operation Cloud Hopper |
| Detected Hints/Tags/Attributes | 205/3/113 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 19 | www.pwc.co.uk |
|
| Details | Domain | 15 | www.dhs.gov |
|
| Details | Domain | 184 | www.fireeye.com |
|
| Details | Domain | 111 | www.justice.gov |
|
| Details | Domain | 22 | security.googleblog.com |
|
| Details | Domain | 202 | krebsonsecurity.com |
|
| Details | Domain | 10 | thediplomat.com |
|
| Details | Domain | 1 | bdoncloud.com |
|
| Details | Domain | 1 | cloud-kingl.com |
|
| Details | Domain | 1 | cloud-maste.com |
|
| Details | Domain | 1 | incloud-go.com |
|
| Details | Domain | 1 | incloud-obert.com |
|
| Details | Domain | 1 | catholicmmb.com |
|
| Details | Domain | 1 | cmmb.org |
|
| Details | Domain | 1 | ccfchrist.com |
|
| Details | Domain | 1 | ccf.org.ph |
|
| Details | Domain | 1 | cwiinatonal.com |
|
| Details | Domain | 1 | cwi.org.uk |
|
| Details | Domain | 1 | usffunicef.com |
|
| Details | Domain | 1 | unicefusa.org |
|
| Details | Domain | 1 | salvaiona.com |
|
| Details | Domain | 1 | salvationarmy.org |
|
| Details | Domain | 1 | meiji-ac-jp.com |
|
| Details | Domain | 1 | meiji.ac.jp |
|
| Details | Domain | 1 | u-tokyo-ac-jp.com |
|
| Details | Domain | 3 | u-tokyo.ac.jp |
|
| Details | Domain | 1 | jica-go-jp.bike |
|
| Details | Domain | 1 | jica.go.jp |
|
| Details | Domain | 1 | jica-go-jp.biz |
|
| Details | Domain | 1 | jimin-jp.biz |
|
| Details | Domain | 1 | jimin.jp |
|
| Details | Domain | 1 | mofa-go-jp.com |
|
| Details | Domain | 2 | mofa.go.jp |
|
| Details | Domain | 1 | belowto.com |
|
| Details | Domain | 99 | india.com |
|
| Details | Domain | 2 | ns1.ititch.com |
|
| Details | Domain | 1 | poulsenv.com |
|
| Details | Domain | 155 | yandex.com |
|
| Details | Domain | 1 | unhamj.com |
|
| Details | Domain | 1 | wthelpdesk.com |
|
| Details | Domain | 1 | www.pwccn.com |
|
| Details | Domain | 3 | csirt.ninja |
|
| Details | Domain | 1 | www.meiji.ac.jp |
|
| Details | Domain | 1 | www.chuo-u.ac.jp |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 9 | pwc.blogs.com |
|
| Details | Domain | 4 | blog.jpcert.or.jp |
|
| Details | Domain | 26 | www.lac.co.jp |
|
| Details | Domain | 132 | trendmicro.com |
|
| Details | Domain | 177 | blog.trendmicro.com |
|
| Details | Domain | 47 | www.slideshare.net |
|
| Details | Domain | 20 | www.pwc.com |
|
| Details | 1 | robertorivera@india.com |
||
| Details | 1 | wenonatmcmurray@india.com |
||
| Details | 1 | meganfdelgado@india.com |
||
| Details | 1 | abellonav.poulsen@yandex.com |
||
| Details | 1 | juanitardunham@india.com |
||
| Details | 1 | armandovalcala@india.com |
||
| Details | File | 3 | rpt-poison-ivy.pdf |
|
| Details | File | 1 | 5122014519132358461949.pdf |
|
| Details | File | 1 | update-on-attempted-man-in-middle.html |
|
| Details | File | 1 | a-detailed-examination-of-the-siesta-campaign.html |
|
| Details | File | 2 | 1025.exe |
|
| Details | File | 2 | a4_1025.exe |
|
| Details | File | 2 | 個人番号の提供について.exe |
|
| Details | File | 2 | number.exe |
|
| Details | File | 1 | 国史教科書の作成.exe |
|
| Details | File | 1 | textbook.exe |
|
| Details | File | 13 | mandiant-apt1-report.pdf |
|
| Details | File | 1 | govt-work-review-mar2016.pdf |
|
| Details | File | 1 | prosperity-masses-2020.pdf |
|
| Details | File | 1 | 6t5h7p00000mjbbr.html |
|
| Details | File | 76 | ping.exe |
|
| Details | File | 256 | net.exe |
|
| Details | File | 2 | tcping.exe |
|
| Details | File | 4 | t.vbs |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 1 | based-on-open-source-rat.html |
|
| Details | File | 2 | 20170223_001224.html |
|
| Details | File | 2 | chches-malware--93d6.html |
|
| Details | File | 1 | siesta-campaign.html |
|
| Details | File | 1 | ivy.pdf |
|
| Details | Github username | 7 | quasar |
|
| Details | Threat Actor Identifier - APT | 278 | APT10 |
|
| Details | Threat Actor Identifier - APT | 115 | APT1 |
|
| Details | Threat Actor Identifier - APT | 66 | APT17 |
|
| Details | Threat Actor Identifier - APT | 22 | APT18 |
|
| Details | Threat Actor Identifier - APT | 166 | APT31 |
|
| Details | Threat Actor Identifier - APT | 24 | APT19 |
|
| Details | Url | 1 | https://www.dhs.gov/defense-industrial-base-sector |
|
| Details | Url | 1 | https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/rpt-poison-ivy.pdf |
|
| Details | Url | 2 | http://blog.trendmicro.com/trendlabs-security-intelligence/evilgrab-malware-family-used-in-targeted-attacks-in-asia |
|
| Details | Url | 1 | https://www.justice.gov/iso/opa/resources/5122014519132358461949.pdf |
|
| Details | Url | 1 | https://security.googleblog.com/2011/08/update-on-attempted-man-in-middle.html |
|
| Details | Url | 1 | https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2014/03/a-detailed-examination-of-the-siesta-campaign.html |
|
| Details | Url | 1 | http://thediplomat.com/2016/04/japans-achilles-heel-cybersecurity |
|
| Details | Url | 8 | https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf |
|
| Details | Url | 1 | https://www.pwccn.com/en/migration/pdf/govt-work-review-mar2016.pdf |
|
| Details | Url | 1 | http://www.pwccn.com/en/migration/pdf/prosperity-masses-2020.pdf |
|
| Details | Url | 1 | http://csirt.ninja/?p=1103 |
|
| Details | Url | 1 | http://www.meiji.ac.jp/isc/information/2016/6t5h7p00000mjbbr.html |
|
| Details | Url | 1 | http://www.chuo-u.ac.jp/research/rd/grant/news/2017/01/51783 |
|
| Details | Url | 1 | https://github.com/quasar/quasarrat |
|
| Details | Url | 1 | http://pwc.blogs.com/cyber_ |
|
| Details | Url | 1 | http://blog.jpcert.or.jp/2017/04/redleaves---malware- |
|
| Details | Url | 3 | http://researchcenter.paloaltonetworks |
|
| Details | Url | 1 | http://blog.jpcert.or |
|
| Details | Url | 4 | https://www.fireeye.com/blog |
|
| Details | Url | 1 | https://www.fireeye.com/content/dam |
|
| Details | Url | 33 | http://blog.trendmicro.com/trendlabs-security- |
|
| Details | Url | 1 | https://www.slideshare.net/crowdstrike/crowd-casts- |
|
| Details | Url | 25 | https://www.trendmicro |