Threat Advisory
Show in Graph
Image Description
Common Information
Type Value
UUID fc3c500b-fd22-4e5e-a0d9-855be5eb4b70
Fingerprint 7f3a155d2750e0a69fb5763b119593ca78ba05f4a830ffa77140acf58c5ce440
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 3, 2024, 6:51 p.m.
Added to db Feb. 7, 2024, 7:46 p.m.
Last updated Aug. 31, 2024, 2:47 a.m.
Headline Threat Advisory
Title Threat Advisory
Detected Hints/Tags/Attributes 64/4/31
Source URLs
Redirection Url
Details Source https://www.hivepro.com/wp-content/uploads/2024/01/Nim-Backdoor-Masquerades-as-Nepal-Government-Security_TA2024002.pdf
URL Provider
Details Provider Source level domain
Details hivepro.com www.hivepro.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
mail.mofa.govnp.org
Details Domain 1 
nitc.govnp.org
Details Domain 1 
mx1.nepal.govnp.org
Details Domain 1 
dns.govnp.org
Details Domain 18 
www.netskope.com
Details Domain 435 
www.hivepro.com
Details File 137 
conhost.exe
Details md5 1 
e2a3edc708016316477228de885f0c39
Details md5 1 
777fcc34fef4a16b2276e420c5fb3a73
Details md5 1 
EF834A7C726294CE8B0416826E659BAA
Details md5 1 
32C5141B0704609B9404EFF6C18B47BF
Details sha1 1 
3aa803baf5027c57ec65eb9b47daad595ba80bac
Details sha1 1 
5d2e2336bb8f268606c9c8961bed03270150cf65
Details sha1 1 
4cae7160386782c02a3b68e7a9ba78cc5ffb0236
Details sha1 1 
0599969ca8b35bb258797aee45fbd9013e57c133
Details MITRE ATT&CK Techniques 504 
T1140
Details MITRE ATT&CK Techniques 695 
T1059
Details MITRE ATT&CK Techniques 433 
T1057
Details MITRE ATT&CK Techniques 275 
T1053.005
Details MITRE ATT&CK Techniques 480 
T1053
Details MITRE ATT&CK Techniques 310 
T1566.001
Details MITRE ATT&CK Techniques 409 
T1566
Details MITRE ATT&CK Techniques 365 
T1204.002
Details MITRE ATT&CK Techniques 420 
T1204
Details MITRE ATT&CK Techniques 207 
T1547
Details MITRE ATT&CK Techniques 29 
T1137
Details MITRE ATT&CK Techniques 92 
T1048
Details MITRE ATT&CK Techniques 444 
T1071
Details MITRE ATT&CK Techniques 627 
T1027
Details Url 1 
https://www.netskope.com/blog/a-look-at-the-nim-based-campaign-using-
Details Url 1 
https://www.hivepro.com/threat-advisory/sidewinders-nim-backdoor-spells-