Threat Advisory
Common Information
| Type | Value |
|---|---|
| UUID | 85684807-c4b8-42c0-b118-3e2e31f1500d |
| Fingerprint | 97490581af542776ab98af8ff36b4916c93f87cdb96f23f3590ac58d1242647f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 27, 2023, 5:43 p.m. |
| Added to db | Feb. 7, 2024, 7:38 p.m. |
| Last updated | Aug. 31, 2024, 1:40 a.m. |
| Headline | Threat Advisory |
| Title | Threat Advisory |
| Detected Hints/Tags/Attributes | 127/4/98 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | Domain | 246 | mail.ru |
|
| Details | Domain | 1 | network-list.com |
|
| Details | Domain | 2 | list.com |
|
| Details | Domain | 1 | avito-service.net |
|
| Details | Domain | 452 | msrc.microsoft.com |
|
| Details | Domain | 4 | www.facct.ru |
|
| Details | Domain | 435 | www.hivepro.com |
|
| Details | File | 1 | %appdata%\microsoft\windows\khaki.xml |
|
| Details | File | 1 | khaki.vbs |
|
| Details | File | 1 | wkbi.html |
|
| Details | File | 5 | fonts.css |
|
| Details | File | 1 | products_list108.html |
|
| Details | File | 15 | styles.css |
|
| Details | File | 1 | qgcl.html |
|
| Details | File | 1 | includes_wlwmanifest.xml |
|
| Details | File | 1 | rpgg.html |
|
| Details | File | 1 | php-pvrg.html |
|
| Details | File | 1 | 37.html |
|
| Details | md5 | 1 | 7bdb049cb0cc3623e4fa1d8e2574f1ce |
|
| Details | md5 | 1 | b1995d8a9df9bd8ce23d38b0ab454580 |
|
| Details | md5 | 1 | f611cb1a320a9d3b5df4b70b37b0fd73 |
|
| Details | md5 | 1 | 0957edfec31dd2dd05d484eed90593c7 |
|
| Details | md5 | 1 | 965d5dc42ee1efdcbc52d061624526c7 |
|
| Details | md5 | 1 | B3de2f04ceb97f8e9164399649433e1e |
|
| Details | md5 | 1 | 2e950fe4bd76088f89433a6f2146cb67 |
|
| Details | md5 | 1 | efd493e8ebcd66f9404338532519eb90 |
|
| Details | md5 | 1 | cd8141f094cfb0dae11747ee9dc74a2f |
|
| Details | md5 | 1 | 9c5a6ede9b0ca906cbc121cc5496b714 |
|
| Details | md5 | 1 | 0a850c27c8ce24c0a6fa5bcf7504dc30 |
|
| Details | md5 | 1 | 27d49df3e0122152dc9a3f752a099f39 |
|
| Details | md5 | 1 | ddbc081392ffa41bcb3e7a007edf727b |
|
| Details | md5 | 1 | b0de9d6133d73c32b243cf716a7c614c |
|
| Details | sha1 | 1 | 7329424eba132feebba57e239000331e886b1656 |
|
| Details | sha1 | 1 | 7c8479a818ea21fc228334dfdd55044866a95026 |
|
| Details | sha1 | 1 | d59f3f2b5132ff23e3fa6d88f1b97b299af38507 |
|
| Details | sha1 | 1 | a03a699031e956b4fde1ced6309b67853a54602a |
|
| Details | sha1 | 1 | a176a164e728c929f70ab2ffa44213625ae17172 |
|
| Details | sha1 | 1 | 3375772e3bc60614e3e398fd019c8931d2ad83c9 |
|
| Details | sha1 | 1 | 07735f3da5f5847e9df43034459e3ead4c1f3f35 |
|
| Details | sha1 | 1 | 877f95ee15adb5540d0b50509a14d1cdf89fe3e1 |
|
| Details | sha1 | 1 | 85a24692089d1a8dc6354a88b6f1e08567db6b0d |
|
| Details | sha1 | 1 | 3b2109317985de28d16aef6306ba5a788eb121bf |
|
| Details | sha1 | 1 | 44a21627eed099a55e5592509e6e3333c5d3d339 |
|
| Details | sha1 | 1 | 6efed9d4e8ae02808bed488566f90a4ecc361546 |
|
| Details | sha1 | 1 | 151e9e6defac4a67be8916a1e119917b69e053ac |
|
| Details | sha1 | 1 | 53cea3a93a481a710e821d9c3e087fc18fb989f9 |
|
| Details | IPv4 | 1 | 95.217.82.125 |
|
| Details | MITRE ATT&CK Techniques | 34 | T1589 |
|
| Details | MITRE ATT&CK Techniques | 22 | T1589.002 |
|
| Details | MITRE ATT&CK Techniques | 66 | T1583 |
|
| Details | MITRE ATT&CK Techniques | 82 | T1583.001 |
|
| Details | MITRE ATT&CK Techniques | 13 | T1585 |
|
| Details | MITRE ATT&CK Techniques | 15 | T1585.002 |
|
| Details | MITRE ATT&CK Techniques | 56 | T1587 |
|
| Details | MITRE ATT&CK Techniques | 96 | T1587.001 |
|
| Details | MITRE ATT&CK Techniques | 11 | T1587.004 |
|
| Details | MITRE ATT&CK Techniques | 46 | T1608 |
|
| Details | MITRE ATT&CK Techniques | 49 | T1608.001 |
|
| Details | MITRE ATT&CK Techniques | 409 | T1566 |
|
| Details | MITRE ATT&CK Techniques | 310 | T1566.001 |
|
| Details | MITRE ATT&CK Techniques | 25 | T1559 |
|
| Details | MITRE ATT&CK Techniques | 31 | T1559.001 |
|
| Details | MITRE ATT&CK Techniques | 245 | T1203 |
|
| Details | MITRE ATT&CK Techniques | 420 | T1204 |
|
| Details | MITRE ATT&CK Techniques | 365 | T1204.002 |
|
| Details | MITRE ATT&CK Techniques | 695 | T1059 |
|
| Details | MITRE ATT&CK Techniques | 137 | T1059.005 |
|
| Details | MITRE ATT&CK Techniques | 207 | T1547 |
|
| Details | MITRE ATT&CK Techniques | 380 | T1547.001 |
|
| Details | MITRE ATT&CK Techniques | 627 | T1027 |
|
| Details | MITRE ATT&CK Techniques | 504 | T1140 |
|
| Details | MITRE ATT&CK Techniques | 247 | T1070 |
|
| Details | MITRE ATT&CK Techniques | 297 | T1070.004 |
|
| Details | MITRE ATT&CK Techniques | 107 | T1564 |
|
| Details | MITRE ATT&CK Techniques | 13 | T1564.004 |
|
| Details | MITRE ATT&CK Techniques | 40 | T1221 |
|
| Details | MITRE ATT&CK Techniques | 121 | T1218 |
|
| Details | MITRE ATT&CK Techniques | 59 | T1218.005 |
|
| Details | MITRE ATT&CK Techniques | 1006 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 444 | T1071 |
|
| Details | MITRE ATT&CK Techniques | 442 | T1071.001 |
|
| Details | MITRE ATT&CK Techniques | 492 | T1105 |
|
| Details | Threat Actor Identifier by Thales | 2 | ATK 116 |
|
| Details | Url | 1 | https://network-list.com/?wkbi.html_handfeed |
|
| Details | Url | 1 | https://network-list.com/?wp |
|
| Details | Url | 1 | https://network-list.com/?php |
|
| Details | Url | 1 | https://network-list.com/?products_list108.htmlheader |
|
| Details | Url | 1 | https://network-list.com/?qgcl.html_anapeiratic |
|
| Details | Url | 1 | https://network-list.com/?rpgg.html_protophloem |
|
| Details | Url | 1 | https://network-list.com/?php-pvrg.html_outblunder |
|
| Details | Url | 1 | https://network-list.com/protophloem/p21 |
|
| Details | Url | 1 | https://network-list.com/outblunder/a63 |
|
| Details | Url | 1 | https://avito-service.net/service/37.html/bersim |
|
| Details | Url | 3 | https://msrc.microsoft.com/update-guide/vulnerability/cve-2017-11882 |
|
| Details | Url | 1 | https://www.facct.ru/blog/cloud-atlas |
|
| Details | Url | 1 | https://www.hivepro.com/threat-advisory/the-cloud-atlas-perpetual-threat-aims-to- |
|
| Details | Windows Registry Key | 112 | HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |