中国高级持续性威胁(APT) 研究报告
Common Information
| Type | Value |
|---|---|
| UUID | f1931b7f-316a-4c57-8c4c-05f07b5db2bd |
| Fingerprint | 554b21dff3889dea3f6fd38ebbac7d645999ede04c18edd6268a1a81fd811aa8 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Feb. 26, 2018, 11:12 a.m. |
| Added to db | April 5, 2024, 3:44 p.m. |
| Last updated | Aug. 31, 2024, 6:01 a.m. |
| Headline | 中国高级持续性威胁(APT) 研究报告 |
| Title | 中国高级持续性威胁(APT) 研究报告 |
| Detected Hints/Tags/Attributes | 67/3/61 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 57 | cve-2017-8759 |
|
| Details | CVE | 14 | cve-2017-0262 |
|
| Details | CVE | 17 | cve-2017-0263 |
|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | CVE | 269 | cve-2017-0199 |
|
| Details | CVE | 15 | cve-2017-11292 |
|
| Details | CVE | 39 | cve-2014-4114 |
|
| Details | CVE | 18 | cve-2014-6352 |
|
| Details | CVE | 2 | cve-2015-0097 |
|
| Details | CVE | 63 | cve-2017-8570 |
|
| Details | CVE | 59 | cve-2015-5119 |
|
| Details | CVE | 4 | cve-2016-0984 |
|
| Details | CVE | 57 | cve-2016-4117 |
|
| Details | CVE | 30 | cve-2015-2545 |
|
| Details | CVE | 13 | cve-2017-0261 |
|
| Details | CVE | 7 | cve-2015-2546 |
|
| Details | CVE | 5 | cve-2017-0001 |
|
| Details | CVE | 22 | cve-2016-7255 |
|
| Details | CVE | 51 | cve-2014-1761 |
|
| Details | CVE | 29 | cve-2013-3906 |
|
| Details | CVE | 48 | cve-2015-1641 |
|
| Details | CVE | 6 | cve-2016-7193 |
|
| Details | CVE | 12 | cve-2017-11826 |
|
| Details | Domain | 1 | harinarach.com |
|
| Details | Domain | 1 | maerferd.com |
|
| Details | Domain | 1 | eoneorbin.com |
|
| Details | Domain | 4 | mumbai-m.site |
|
| Details | Domain | 2 | www.gulfup.com |
|
| Details | Domain | 20 | ti.360.net |
|
| Details | Domain | 67 | 360.cn |
|
| Details | Domain | 100 | cert.360.cn |
|
| Details | File | 1 | 了系统白程序msbuild.exe |
|
| Details | File | 2 | group.doc |
|
| Details | File | 5 | s_attack_on_syria_english.docx |
|
| Details | File | 2 | hotel_reservation_form.doc |
|
| Details | File | 1 | isisattackinnewyork.docx |
|
| Details | File | 4 | rastlsc.exe |
|
| Details | File | 1 | 它会加载rastls.dll |
|
| Details | File | 20 | rastls.dll |
|
| Details | File | 1 | 解密出sylog.bin |
|
| Details | File | 1 | 木马调用mshta.exe |
|
| Details | File | 7 | b.txt |
|
| Details | File | 1 | 同时还要通过msvcr71.dll |
|
| Details | File | 20 | msvbvm60.dll |
|
| Details | File | 57 | eqnedt32.exe |
|
| Details | IPv4 | 2 | 31.9.48.183 |
|
| Details | Threat Actor Identifier - APT-C | 44 | APT-C-00 |
|
| Details | Threat Actor Identifier - APT-C | 24 | APT-C-06 |
|
| Details | Threat Actor Identifier - APT-C | 16 | APT-C-09 |
|
| Details | Threat Actor Identifier - APT-C | 11 | APT-C-12 |
|
| Details | Threat Actor Identifier - APT-C | 14 | APT-C-56 |
|
| Details | Threat Actor Identifier - APT-C | 2 | APT-C-58 |
|
| Details | Threat Actor Identifier - APT-C | 79 | APT-C-23 |
|
| Details | Threat Actor Identifier - APT-C | 17 | APT-C-27 |
|
| Details | Threat Actor Identifier - APT | 783 | APT28 |
|
| Details | Threat Actor Identifier - APT | 258 | APT34 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Url | 2 | http://mumbai-m.site/b.txt |
|
| Details | Url | 2 | http://www.gulfup.com/?mcvlnx |
|
| Details | Url | 5 | https://ti.360.net |
|
| Details | Url | 93 | https://cert.360.cn |