InSideCopy: How this APT continues to evolve its arsenal
Common Information
Type Value
UUID c9e26088-e49b-4f6f-9315-881c8c1afc0a
Fingerprint 4654aa867d8dc72cbcfdb2d68aca73929b28fd653a1dad1f35b84de1cb14f199
Analysis status DONE
Considered CTI value 1
Text language
Published July 2, 2021, 11:23 a.m.
Added to db Jan. 27, 2024, 7:18 p.m.
Last updated Aug. 31, 2024, 1:22 a.m.
Headline InSideCopy: How this APT continues to evolve its arsenal
Title InSideCopy: How this APT continues to evolve its arsenal
Detected Hints/Tags/Attributes 105/4/15
Attributes
Type #Events CTI Value
Domain 164 cisco.com
Domain 107 talosintelligence.com
Domain 3 webmail.gov.in
Domain 904 snort.org
Email 25 talos-external@cisco.com
File 19 credwiz.exe
File 456 mshta.exe
File 33 duser.dll
File 2 tion.pdf
File 4 conference.pdf
File 3 registration.pdf
File 2126 cmd.exe
File 2 kavach.db
Threat Actor Identifier - APT 121 APT36
Windows Registry Key 1 HKCU\..\Run