Brief analysis of wmRAT, the latest remote-control component of APT-C-08 (蔓灵花)
Tags
Common Information
Type Value
UUID 1746b0b1-71e8-46ad-849d-e19fb17bdcbd
Fingerprint eb2f934162ae44b7
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2022, midnight
Added to db Jan. 16, 2023, 3:55 p.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline Brief analysis of wmRAT, the latest remote-control component of APT-C-08 (蔓灵花)
Title Brief analysis of wmRAT, the latest remote-control component of APT-C-08 (蔓灵花)
Detected Hints/Tags/Attributes 4/0/26
Attributes
Details Type #Events CTI Value
Details File 1
thereby creating a scheduled task that periodically invokes, e.g., msiexec.exe
Details File 93
curl.exe
Details File 1260
explorer.exe
Details File 2
wmservice.exe
Details IPv4 1
185.117.73.195
Details Threat Actor Identifier - APT-C 22
APT-C-08