Analysis of the APT Attack Launched Against China by Darkhotel (APT-C-06) Using the "Double Star" 0-Day Vulnerabilities (CVE-2019-17026, CVE-2020-0674) Background Attack Flow Analysis
Common Information
Type Value
UUID 82590008-611e-44ae-8dff-81d756b64fb5
Fingerprint 865fb1948606de1f33650996a2e75155a43bb7bca580a213ae160af05e424dad
Analysis status DONE
Considered CTI value 2
Text language
Published June 9, 2020, 9:12 p.m.
Added to db March 9, 2024, 11:39 p.m.
Last updated Aug. 30, 2024, 10:22 p.m.
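Headline Analysis of the APT Attack Launched Against China by Darkhotel (APT-C-06) Using the "Double Star" 0-Day Vulnerabilities (CVE-2019-17026, CVE-2020-0674) Background Attack Flow Analysis
Title Analysis of the APT Attack Launched Against China by Darkhotel (APT-C-06) Using the "Double Star" 0-Day Vulnerabilities (CVE-2019-17026, CVE-2020-0674) Background Attack Flow Analysis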
Detected Hints/Tags/Attributes 3/0/10
Attributes
Details Type #Events CTI Value
Details CVE 14
cve-2019-17026
Details CVE 43
cve-2020-0674
Details CVE 375
cve-2017-11882
Details Domain 84
www.mozilla.org
Details Domain 80
portal.msrc.microsoft.com
Details File 1
否为svchost.exe
Details File 2
发现当前进程名为svchost.exe
Details Threat Actor Identifier - APT-C 24
APT-C-06
Details Url 3
https://www.mozilla.org/en-us/security/advisories/mfsa2020-03
Details Url 3
https://portal.msrc.microsoft.com/en-us/security-