JOINT CYBERSECURITY ADVISORY
Common Information
| Type | Value |
|---|---|
| UUID | b68a737f-8ffd-45f0-85d4-2181cc47b707 |
| Fingerprint | f0a1afeb75bd1b2a682749c794b77d6ec9618ff44bc78884e03b8baf0c5249b3 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | March 6, 2024, 8:50 a.m. |
| Added to db | March 10, 2024, 3:52 a.m. |
| Last updated | Nov. 17, 2024, 12:59 p.m. |
| Headline | JOINT CYBERSECURITY ADVISORY |
| Title | JOINT CYBERSECURITY ADVISORY |
| Detected Hints/Tags/Attributes | 136/4/51 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ic3.gov/media/news/2024/240227.pdf |
| Details | Source | https://www.ic3.gov/CSA/2024/240227.pdf |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 176 | cve-2023-23397 |
|
| Details | Domain | 128 | www.fbi.gov |
|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 23 | ntlmrelayx.py |
|
| Details | Domain | 4 | packinstall.kozow.com |
|
| Details | Domain | 2 | core.py |
|
| Details | Domain | 1 | api.anti-captcha.com |
|
| Details | Domain | 2 | matbaiteahe.mooo.com |
|
| Details | Domain | 2 | lalapoc.kozow.com |
|
| Details | Domain | 2 | gneivaientga.ignorelist.com |
|
| Details | Domain | 2 | antotehlant.theworkpc.com |
|
| Details | Domain | 2 | onechoice.gleeze.com |
|
| Details | Domain | 2 | mumucnc.kozow.com |
|
| Details | Domain | 16 | services.software |
|
| Details | File | 22 | ntlmrelayx.py |
|
| Details | File | 2 | core.py |
|
| Details | File | 17 | debug.txt |
|
| Details | File | 3 | responder-session.log |
|
| Details | File | 1 | responder.db |
|
| Details | File | 2 | srv.php |
|
| Details | md5 | 3 | acbb64c3de5ea5e5936df4a1eecf1235 |
|
| Details | sha256 | 1 | 4e32b04930d1f745eba92255ee1c5e5ac82b939ff12de0522c8a4905431d033d |
|
| Details | sha256 | 1 | c51c6aa0230a2fea888ebcd213d302f1cc9f6051fdb268ae5c7a09415845c404 |
|
| Details | sha256 | 1 | 40a7fd89b9e51b0a515ac2355036d203357be90a2200b9c506b95c12db54c7aa |
|
| Details | sha256 | 3 | 18f891a3737bb53cd1ab451e2140654a376a43b2d75f6695f3133d47a41952b6 |
|
| Details | sha256 | 2 | 0429bdc6a302b4288aea1b1e2f2a7545731c50d647672fa65b012b2a2caa386e |
|
| Details | sha256 | 1 | 3b5ed45345193b06f40515da342ff146267e8340b2e1ab6d55a257d2e3554a2b |
|
| Details | sha256 | 1 | adae1bd8938b9a0d825a2ef7e7c4e000f01966c397306027119f20d7ecce955d |
|
| Details | sha256 | 1 | c09f8d0a9fa0f9bb3e19556182a95782daec2f2f532cab5eeb5528f2cd783583 |
|
| Details | sha256 | 1 | 1cc20155517860557c94308ec913e4c3bfc072c34ce33449641cc9fb1d571b21 |
|
| Details | sha256 | 1 | 551eb82d82b7a8830549c9183eb39acf19719c84b9bccc7fb443504b093f6bb9 |
|
| Details | sha256 | 1 | cd83dd9470603b1a1951eefa95b602e34207c4d5e62c649642e7160574a9c50d |
|
| Details | sha256 | 1 | fbc2e6820c874ed102bab304382edeffb9708e7b8445e126c227a6c289d92708 |
|
| Details | sha256 | 1 | c9e06c7c62395da32c91cc0c4acb95f29a0aa3380a833e7c7b24b8d4db50c0c6 |
|
| Details | sha256 | 1 | 5facbe53b4c63dbc865f3713385358df490a4bad9211337241d85f0554cca40a |
|
| Details | sha256 | 1 | c7c40cdcdd65e468ee29d330a34e8ee94c26aa8b3f1830e0a8dfea8aca3cdd50 |
|
| Details | sha256 | 1 | a4a95807f1c5b200d5d94e3e811a7c4af2d0d9ca88ca4d7f9d02015574f4716f |
|
| Details | sha256 | 1 | 104e3ea9a190ba039488f5200824fe883b98f6fe01d05a1b55e15ed2199c807a |
|
| Details | IPv4 | 2 | 208.67.220.222 |
|
| Details | MITRE ATT&CK Techniques | 145 | T1588 |
|
| Details | MITRE ATT&CK Techniques | 43 | T1546 |
|
| Details | MITRE ATT&CK Techniques | 56 | T1587 |
|
| Details | MITRE ATT&CK Techniques | 409 | T1566 |
|
| Details | MITRE ATT&CK Techniques | 245 | T1203 |
|
| Details | MITRE ATT&CK Techniques | 111 | T1119 |
|
| Details | MITRE ATT&CK Techniques | 102 | T1020 |
|
| Details | MITRE ATT&CK Techniques | 21 | T1557 |
|
| Details | MITRE ATT&CK Techniques | 33 | T1556 |
|
| Details | MITRE ATT&CK Techniques | 66 | T1584 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Url | 1 | http://www.cisa.gov/tlp/. |