Defeating APT10 compiler-level obfuscations
Common Information
Type Value
UUID cde98445-33db-4cec-ac1d-2c843b848f44
Fingerprint 3a7b5356c7578247dc8bf4b27876e4090deb8b4f29faf8a4e9c203752537fa01
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 14, 2019, 11:12 a.m.
Added to db April 18, 2024, 10:44 a.m.
Last updated Aug. 31, 2024, 1:14 a.m.
Headline Defeating APT10 compiler-level obfuscations
Title Defeating APT10 compiler-level obfuscations
Detected Hints/Tags/Attributes 40/2/23
Attributes
Type | #Events | CTI Value
Threat Actor Identifier - APT | 278 | APT10
Url | 5 | https://www.welivesecurity
Url | 3 | https://jsac.jpcert.or.jp/archive/2019/pdf/jsac2019_6_tamada_jp.pdf
Url | 1 | http://www.hexblog.com
Url | 1 | https://github.com/rolfrolles/hexraysdeob.
Url | 17 | https://www.fi
Url | 1 | https://www.secureworks.jp/resources/at-bronze-riverside-
Url | 1 | https://github.com/carbonblack
Domain | 247 | www.virusbulletin.com
Domain | 2 | carbonblack.com
Domain | 46 | jsac.jpcert.or.jp
Domain | 6 | www.hexblog.com
Domain | 4128 | github.com
Domain | 22 | reeye.com
Domain | 7 | www.secureworks.jp
Email | 1 | tharuyama@carbonblack.com
File | 6 | eset_turla_mosquito.pdf
File | 3 | jsac2019_6_tamada_jp.pdf
File | 2 | corporations-using-updated-ttps.html
Github username | 2 | rolfrolles
Github username | 7 | carbonblack
sha256 | 1 | 3d2b3c9f50ed36bef90139e6dd250f140c373664984b97a97a5a70333387d18d
sha256 | 1 | f333358850d641653ea2d6b58b921870125af1fe77268a6fdfeda3e7e0fb636d