2023 RESEARCH REPORT
Show in Graph
Image Description
Common Information
Type Value
UUID e00fb022-a889-4646-94cd-d14f9dae3ea0
Fingerprint 7281c4135b464604a629e3d07f33e24717a4fd953532bdcd02ee322067ce6512
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 30, 2024, 11:55 a.m.
Added to db March 9, 2024, 11:38 p.m.
Last updated Aug. 30, 2024, 10:23 p.m.
Headline 2023 RESEARCH REPORT
Title 2023 RESEARCH REPORT
Detected Hints/Tags/Attributes 130/4/131
Source URLs
Redirection Url
Details Source http://pub1-bjyt.s3.360.cn/bcms/2023%E5%B9%B4%E5%85%A8%E7%90%83%E9%AB%98%E7%BA%A7%E5%A8%81%E8%83%81(APT)%E7%A0%94%E7%A9%B6%E6%8A%A5%E5%91%8A.pdf
URL Provider
Details Provider Source level domain
Details 360.cn pub1-bjyt.s3.360.cn
Attributes
Details Type #Events CTI Value
Details Domain 2 
www.whwx.gov.cn
Details Domain 208 
mp.weixin.qq.com
Details Domain 3 
world.huanqiu.com
Details Domain 189 
asec.ahnlab.com
Details Domain 23 
community.riskiq.com
Details Domain 55 
blog.google
Details Domain 182 
www.mandiant.com
Details Domain 47 
go.recordedfuture.com
Details Domain 12 
www.gov.pl
Details Domain 53 
blogs.blackberry.com
Details Domain 15 
blog.eclecticiq.com
Details Domain 72 
symantec-enterprise-blogs.security.com
Details Domain 403 
securelist.com
Details Domain 397 
www.microsoft.com
Details Domain 66 
www.malwarebytes.com
Details Domain 20 
www.secrss.com
Details Domain 57 
www.clearskysec.com
Details Domain 469 
www.cisa.gov
Details Domain 20 
www.pwc.com
Details Domain 172 
www.crowdstrike.com
Details Domain 261 
blog.talosintelligence.com
Details Domain 6 
www.bridewell.com
Details Domain 262 
www.welivesecurity.com
Details Domain 57 
www.ptsecurity.com
Details Domain 3 
sektorcert.dk
Details Domain 112 
docs.google.com
Details Domain 99 
therecord.media
Details File 13 
syncappvpublishingserver.vbs
Details File 38 
3cxdesktopapp.exe
Details File 55 
control.exe
Details File 14 
imagingdevices.exe
Details File 2 
9号.pdf
Details File 2 
民用航空网络安全保障方案.rar
Details File 2 
基于平疫结合的航站楼适应性规划设计.pdf
Details File 2 
关于恢复国际客运航班的若干措施.pdf
Details File 2 
关于加强民航专业工程建设质量管理工作的二十条措施.pdf
Details File 2 
运输航空公司疫情防控技术指南-第十版.pdf
Details File 2 
国内客运航班运行财政补贴资金申报表.xls
Details File 5 
cta-2023-0620.pdf
Details File 40 
gov.pl
Details File 5 
8.pdf
Details File 6 
yellow-liderc-ships-its-scripts-delivers-imaploader-malware.html
Details File 2 
202302_withsecure_lazarus_group_report_eng.pdf
Details File 2 
attack-against-danish-critical-infrastructure-tlp-clear.pdf
Details MITRE ATT&CK Techniques 695 
T1059
Details MITRE ATT&CK Techniques 444 
T1071
Details MITRE ATT&CK Techniques 409 
T1566
Details MITRE ATT&CK Techniques 420 
T1204
Details MITRE ATT&CK Techniques 627 
T1027
Details MITRE ATT&CK Techniques 504 
T1140
Details MITRE ATT&CK Techniques 1006 
T1082
Details MITRE ATT&CK Techniques 348 
T1036
Details MITRE ATT&CK Techniques 207 
T1547
Details MITRE ATT&CK Techniques 585 
T1083
Details MITRE ATT&CK Techniques 422 
T1041
Details MITRE ATT&CK Techniques 480 
T1053
Details MITRE ATT&CK Techniques 247 
T1070
Details MITRE ATT&CK Techniques 433 
T1057
Details MITRE ATT&CK Techniques 492 
T1105
Details MITRE ATT&CK Techniques 163 
T1573
Details MITRE ATT&CK Techniques 164 
T1574
Details MITRE ATT&CK Techniques 245 
T1016
Details MITRE ATT&CK Techniques 230 
T1033
Details MITRE ATT&CK Techniques 66 
T1583
Details Threat Actor Identifier - APT-C 2 
APT-C-57
Details Threat Actor Identifier - APT-C 3 
APT-C-68
Details Threat Actor Identifier - APT-C 9 
APT-C-39
Details Threat Actor Identifier - APT-C 7 
APT-C-40
Details Threat Actor Identifier - APT-C 4 
APT-C-53
Details Threat Actor Identifier - APT-C 4 
APT-C-25
Details Threat Actor Identifier - APT-C 3 
APT-C-13
Details Threat Actor Identifier - APT-C 9 
APT-C-20
Details Threat Actor Identifier - APT-C 4 
APT-C-63
Details Threat Actor Identifier - APT-C 3 
APT-C-51
Details Threat Actor Identifier - APT-C 79 
APT-C-23
Details Threat Actor Identifier - APT-C 3 
APT-C-49
Details Threat Actor Identifier - APT-C 44 
APT-C-00
Details Threat Actor Identifier - APT-C 19 
APT-C-01
Details Threat Actor Identifier - APT-C 30 
APT-C-26
Details Threat Actor Identifier - APT-C 15 
APT-C-55
Details Threat Actor Identifier - APT-C 24 
APT-C-06
Details Threat Actor Identifier - APT-C 15 
APT-C-28
Details Threat Actor Identifier - APT-C 83 
APT-C-36
Details Threat Actor Identifier - APT-C 16 
APT-C-09
Details Threat Actor Identifier - APT-C 22 
APT-C-08
Details Threat Actor Identifier - APT-C 7 
APT-C-48
Details Threat Actor Identifier - APT-C 7 
APT-C-24
Details Threat Actor Identifier - APT-C 14 
APT-C-56
Details Threat Actor Identifier - APT-C 7 
APT-C-61
Details Threat Actor Identifier - APT-C 27 
APT-C-60
Details Threat Actor Identifier - APT-C 102 
APT-C-35
Details Threat Actor Identifier - APT 665 
APT29
Details Threat Actor Identifier - APT 783 
APT28
Details Threat Actor Identifier - APT 194 
APT35
Details Url 2 
http://www.whwx.gov.cn/wlaq/wadt/202307/t20230728_2238379.shtml
Details Url 2 
https://mp.weixin.qq.com/s/zhbga7xzgzuxktyurtajdg
Details Url 2 
https://world.huanqiu.com/article/4ex89zq6zng
Details Url 4 
https://mp.weixin.qq.com/s/xu7b3m-l2olai2bu7nbj0a
Details Url 5 
https://mp.weixin.qq.com/s/lvsragnmsl3a1jeuubuvyw
Details Url 3 
https://asec.ahnlab.com/ko/52829
Details Url 2 
https://community.riskiq.com/article/541a465f
Details Url 3 
https://blog.google/threat-analysis-group/ukraine-remains-russias-biggest-
Details Url 2 
https://www.mandiant.com/resources/blog/sandworm-disrupts-power-
Details Url 2 
https://blog.google/threat-analysis-group/ukraine-remains-russiasbiggest-
Details Url 5 
https://go.recordedfuture.com/hubfs/reports/cta-2023-0620.pdf
Details Url 2 
https://www.gov.pl/web/baza-wiedzy/espionage-campaign-linked-
Details Url 2 
https://blogs.blackberry.com/en/2023/01/gamaredon-abuses-telegramto-
Details Url 5 
https://mp.weixin.qq.com/s/nomfjajgydsoplbtioszpa
Details Url 2 
https://blog.eclecticiq.com/three-cases-of-cyber-attacks-on-the-security-
Details Url 5 
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence
Details Url 5 
https://securelist.com/bad-magic-apt/109087
Details Url 2 
https://www.microsoft.com/en-us/security/blog/2023/04/18/nation-state-
Details Url 4 
https://mp.weixin.qq.com/s/boj88zzk27zahshlyucyga
Details Url 2 
https://www.malwarebytes.com/blog/threat-intelligence/2023/05
Details Url 2 
https://www.secrss.com/articles/54898
Details Url 2 
https://www.clearskysec.com/wp-content/uploads/2023/05/fata-
Details Url 2 
https://mp.weixin.qq.com/s/juukwhzzqbowqxacm8cvza
Details Url 2 
https://www.cisa.gov/news-events/analysis-reports/ar23-250a
Details Url 2 
https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-
Details Url 2 
https://www.crowdstrike.com/blog/imperial-kitten-deploys-novel-malware-
Details Url 2 
https://blog.talosintelligence.com/yorotrooper-espionage-campaign-cis-
Details Url 2 
https://www.bridewell.com/insights/news/detail/bridewell-intelligence-
Details Url 2 
https://blog.google/threat-analysis-group/ukraine-remains-russias-
Details Url 2 
https://www.welivesecurity.com/2023/05/02/apt-groups-muddying-
Details Url 4 
https://mp.weixin.qq.com/s/13bqdjcfntbfvmubhkgllw
Details Url 2 
https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence
Details Url 2 
https://sektorcert.dk/wp-content/uploads/2023/11/sektorcert-the-
Details Url 2 
https://docs.google.com/spreadsheets/d/1lknj0uqwbec1ztrrxdtuplcil7m
Details Url 2 
https://therecord.media/operation-triangulation-iphone-spyware-
Details Url 2 
https://securelist.com/trng-2023
Details Url 2 
https://mp.weixin.qq.com/s/_pzukpgsyhzy07gqqinl8w