APT and financial attacks on industrial organizations in H2 2023
Common Information
| Type | Value |
|---|---|
| UUID | 91c259e0-a5fe-429e-9171-98bb5692b07a |
| Fingerprint | 2285cdb9332cbb4f647efb3577f57d2847af1a6bf196eb9bbaf5c86f1bc7a36b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 1, 2024, 5:26 p.m. |
| Added to db | May 27, 2024, 3:39 p.m. |
| Last updated | Aug. 31, 2024, 7:47 a.m. |
| Headline | APT and financial attacks on industrial organizations in H2 2023 |
| Title | APT and financial attacks on industrial organizations in H2 2023 |
| Detected Hints/Tags/Attributes | 451/3/50 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 76 | cve-2022-47966 |
|
| Details | CVE | 90 | cve-2022-42475 |
|
| Details | CVE | 397 | cve-2021-44228 |
|
| Details | CVE | 117 | cve-2023-2868 |
|
| Details | CVE | 53 | cve-2023-42793 |
|
| Details | CVE | 133 | cve-2023-38831 |
|
| Details | CVE | 176 | cve-2023-23397 |
|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | CVE | 15 | cve-2019-0803 |
|
| Details | CVE | 64 | cve-2023-28771 |
|
| Details | CVE | 217 | cve-2020-1472 |
|
| Details | CVE | 116 | cve-2023-4966 |
|
| Details | Domain | 101 | cert.pl |
|
| Details | Domain | 24 | bi.zone |
|
| Details | Domain | 13 | mockbin.org |
|
| Details | Domain | 7 | mocky.io |
|
| Details | Domain | 1 | ukaz.pdf.zip |
|
| Details | Domain | 1 | ponyexpress.site |
|
| Details | Domain | 246 | mail.ru |
|
| Details | Domain | 338 | kaspersky.com |
|
| Details | 68 | ics-cert@kaspersky.com |
||
| Details | File | 1 | fv_host.exe |
|
| Details | File | 5 | vfhost.exe |
|
| Details | File | 16 | mcods.exe |
|
| Details | File | 1 | aclnumsinverthost.dll |
|
| Details | File | 99 | cert.pl |
|
| Details | File | 2 | resultati_sovehchaniya_11_09_2023.rar |
|
| Details | File | 1 | pismo_izveshcanie_2023_10_16.rar |
|
| Details | File | 9 | scilc.exe |
|
| Details | File | 1 | ukaz.pdf |
|
| Details | File | 1 | наградам.exe |
|
| Details | File | 1 | awards.exe |
|
| Details | File | 3 | finansovyy_kontrol_2023_180529.rar |
|
| Details | File | 8 | processlist.txt |
|
| Details | File | 118 | sc.exe |
|
| Details | Mandiant Temporary Group Assumption | 35 | TEMP.HEX |
|
| Details | Mandiant Temporary Group Assumption | 5 | TEMP.OVERBOARD |
|
| Details | Mandiant Uncategorized Groups | 7 | UNC4698 |
|
| Details | Mandiant Uncategorized Groups | 54 | UNC4841 |
|
| Details | Microsoft Threat Actor Naming Taxonomy (Groups in development) | 4 | Storm-0832 |
|
| Details | Threat Actor Identifier - APT | 181 | APT33 |
|
| Details | Threat Actor Identifier - APT | 166 | APT31 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Threat Actor Identifier - APT | 194 | APT35 |
|
| Details | Threat Actor Identifier - APT | 121 | APT42 |
|
| Details | Threat Actor Identifier - APT | 258 | APT34 |
|
| Details | Threat Actor Identifier - APT | 522 | APT41 |
|
| Details | Threat Actor Identifier - APT | 297 | APT27 |
|
| Details | Threat Actor Identifier - FIN | 42 | FIN12 |