China-Linked Group TAG-28 Targets India’s “The Times Group” and UIDAI (Aadhaar) Government Agency With Winnti Malware
Common Information
Type Value
UUID a4b27400-0518-4076-b2f8-95ca59fc10d5
Fingerprint f9591200b5952da6fcdba40cd5ab0c7b581278770e320a931daf47de6be42b29
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 20, 2021, 8:51 p.m.
Added to db March 10, 2024, 1:06 a.m.
Last updated Aug. 30, 2024, 10:29 p.m.
Headline China-Linked Group TAG-28 Targets India’s “The Times Group” and UIDAI (Aadhaar) Government Agency With Winnti Malware
Title China-Linked Group TAG-28 Targets India’s “The Times Group” and UIDAI (Aadhaar) Government Agency With Winnti Malware
Detected Hints/Tags/Attributes 31/2/24
Attributes
Details Type #Events CTI Value
Details Threat Actor Identifier - APT 522
APT41
Details Threat Actor Identifier - APT 18
APT12
Details Threat Actor Identifier by Recorded Future 8
TAG-28
Details Threat Actor Identifier by Recorded Future 2
TAG-262