Threat Actor Interplay | Good Day’s Victim Portals and Their Ties to Cloak
Tags
country: Germany France Italy Taiwan
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID 16a8e6a5-2d80-4f96-8a49-33c5409dccb3
Fingerprint 8e660afb0fa5a699
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 30, 2023, midnight
Added to db Oct. 24, 2023, 1:13 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Threat Actor Interplay | Good Day’s Victim Portals and Their Ties to Cloak
Title Threat Actor Interplay | Good Day’s Victim Portals and Their Ties to Cloak
Detected Hints/Tags/Attributes 43/3/18
Source URLs
Redirection Url
Details Source https://www.sentinelone.com/blog/threat-actor-interplay-good-days-victim-portals-and-their-ties-to-cloak/
URL Provider
Details Provider Source level domain
Details sentinelone.com www.sentinelone.com
Attributes
Details Type #Events CTI Value
Details Domain 144 
cock.li
Details Domain 2 
47h4pwve4scndaneljfnxdhzoulgsyfzbgayyonbwztfz74gsdprz5qd.onion
Details Domain 2 
cloak7jpvcb73rtx2ff7kaw2kholu7bdiivxpzbhlny4ybz75dpxckqd.onion
Details Domain 1 
dcpuyivlbzx56hqwsvey33bxobxw3timjgljjy3index6qvdls5bjoad.onion
Details Domain 1 
wwwieqvblhnel7wsb6jpxeen3dbmsqyozj2gzl2oyn6swrkq27jtusqd.onion
Details Domain 1 
zxzs677rphmjznqgqzlsmjtqwqlydq47rwjesrt4dkkh6cc2ftlfhuqd.onion
Details Email 2 
miklymakly555@cock.li
Details File 26 
windowsupdate.exe
Details File 345 
vssadmin.exe
Details File 99 
c:\windows\explorer.exe
Details File 3 
s-ice.exe
Details File 11 
immunitydebugger.exe
Details File 23 
x64dbg.exe
Details sha1 1 
d5fba798bb2a0aaca17f17fa14f2ff240be8d34d
Details sha1 1 
7cf3b23cdb8c5fd74b094f76eb4ffc38e18bd58a
Details sha1 1 
7ef712604fca6ad5a368745a015354aba74f5f61
Details sha1 1 
a3ff2d575adc8edb088706e1de1a18a2d789cd73
Details sha1 1 
c374252e4cff08e3abcda06503998cd3d3ef8322