Analyzing APT37’s VeilShell Attack on Cambodia:
A Stealthy Threat in a Geo-Political Landscape
Tags
cmtmf-attack-pattern: | Masquerading |
country: | Cambodia North Korea Japan South Korea |
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Vulnerabilities - T1588.006 Vulnerability Scanning - T1595.002 Masquerading - T1036 Powershell - T1086 Masquerading |
Common Information
Type | Value |
---|---|
UUID | 0fcda5fc-e65b-4bab-8fca-4de50ba3c64d |
Fingerprint | 1de55219002a6f9b |
Analysis status | DONE |
Considered CTI value | 1 |
Text language | |
Published | Oct. 28, 2024, 6:37 p.m. |
Added to db | Oct. 28, 2024, 7:53 p.m. |
Last updated | Nov. 4, 2024, 9:59 p.m. |
Headline | Analyzing APT37’s VeilShell Attack on Cambodia: A Stealthy Threat in a Geo-Political Landscape |
Title | Analyzing APT37’s VeilShell Attack on Cambodia: A Stealthy Threat in a Geo-Political Landscape |
Detected Hints/Tags/Attributes | 62/4/6 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 184 | www.fireeye.com |
|
Details | Domain | 615 | en.wikipedia.org |
|
Details | File | 4 | apt-groups.html |
|
Details | Threat Actor Identifier - APT | 274 | APT37 |
|
Details | Url | 2 | https://www.fireeye.com/current-threats/apt-groups.html |
|
Details | Url | 2 | https://en.wikipedia.org/wiki/sony_pictures_hack |