New “CleverSoar” Installer Targets Chinese and Vietnamese Users | Rapid7 Blog
Common Information
Type | Value |
---|---|
UUID | 0a006bab-6640-4e1c-9c5a-f9b7cb253576 |
Fingerprint | e5a09923a5bd8691 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Nov. 27, 2024, 2:28 p.m. |
Added to db | Nov. 27, 2024, 3:41 p.m. |
Last updated | Dec. 4, 2024, 11:56 a.m. |
Headline | New “CleverSoar” Installer Targets Chinese and Vietnamese Users |
Title | New “CleverSoar” Installer Targets Chinese and Vietnamese Users | Rapid7 Blog |
Detected Hints/Tags/Attributes | 85/2/49 |
Source URLs
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 50 | ✔ | Rapid7 Cybersecurity Blog | https://blog.rapid7.com/rss/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | | folder.it |
Details | Domain | 2 | | 8848.twilight.zip |
Details | File | 5 | | 'update.exe |
Details | File | 3 | | c:\windows\system32\taskbar.dll |
Details | File | 4 | | 'explorer.exe |
Details | File | 1 | | 'init.dat |
Details | File | 1 | | 'zhudongfangyu.exe |
Details | File | 1 | | 'qhactivedefense.exe |
Details | File | 1 | | 'hipstray.exe |
Details | File | 1 | | 'hipsdaemon.exe |
Details | File | 8 | | 'lsass.exe |
Details | File | 1 | | tprotect.dll |
Details | File | 55 | | ekrn.exe |
Details | File | 2 | | eguiproxy.exe |
Details | File | 1 | | agentbeat.exe |
Details | File | 1 | | apm-server.exe |
Details | File | 15 | | ravmond.exe |
Details | File | 2 | | rsmain.exe |
Details | File | 315 | | calc.exe |
Details | File | 2 | | curl.dll |
Details | File | 1 | | 'winnt.exe |
Details | File | 1 | | 'runtime.exe |
Details | File | 2 | | twilight.zip |
Details | sha256 | 2 | | f70b34e2b1716528a3c3fffdbfc008003b9685f1a4da2e5a6052612de92b0c68 |
Details | IPv4 | 2 | | 156.224.26.7 |
Details | MITRE ATT&CK Techniques | 502 | | T1105 |
Details | MITRE ATT&CK Techniques | 306 | | T1562.001 |
Details | MITRE ATT&CK Techniques | 35 | | T1614.001 |
Details | MITRE ATT&CK Techniques | 41 | | T1218.007 |
Details | MITRE ATT&CK Techniques | 122 | | T1134 |
Details | MITRE ATT&CK Techniques | 26 | | T1134.002 |
Details | MITRE ATT&CK Techniques | 100 | | T1497.001 |
Details | MITRE ATT&CK Techniques | 1017 | | T1082 |
Details | MITRE ATT&CK Techniques | 125 | | T1543 |
Details | MITRE ATT&CK Techniques | 57 | | T1622 |
Details | MITRE ATT&CK Techniques | 558 | | T1112 |
Details | MITRE ATT&CK Techniques | 145 | | T1518.001 |
Details | MITRE ATT&CK Techniques | 453 | | T1055 |
Details | MITRE ATT&CK Techniques | 179 | | T1569.002 |
Details | MITRE ATT&CK Techniques | 441 | | T1057 |
Details | MITRE ATT&CK Techniques | 202 | | T1489 |
Details | MITRE ATT&CK Techniques | 98 | | T1564.001 |
Details | MITRE ATT&CK Techniques | 183 | | T1543.003 |
Details | MITRE ATT&CK Techniques | 46 | | T1014 |
Details | MITRE ATT&CK Techniques | 485 | | T1053 |
Details | MITRE ATT&CK Techniques | 113 | | T1564 |
Details | MITRE ATT&CK Techniques | 75 | | T1562.004 |
Details | Windows Registry Key | 1 | | HKCU\SOFTWARE\Magisk |
Details | Windows Registry Key | 108 | | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows |