RedDrip Cloud Sandbox: Beware of attack samples disguised as security vendor software
Tags
Common Information
Type Value
UUID 1877a8f4-d893-42af-8b3f-7341e7dc2876
Fingerprint 14e58f687dad047c
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 13, 2020, midnight
Added to db Aug. 13, 2023, 9:55 a.m.
Last updated Dec. 21, 2024, 2:20 a.m.
Headline RedDrip Cloud Sandbox: Beware of attack samples disguised as security vendor software
Title RedDrip Cloud Sandbox: Beware of attack samples disguised as security vendor software
Detected Hints/Tags/Attributes 4/0/27
Attributes
Type | #Events | Value
Domain | 32 | sandbox.ti.qianxin.com
Domain | 1 | static.cgbchina.com.cn.cloud.360.net.cdn.dnsv1.com
Domain | 1 | api.qianxin.com.cdn.dnsv1.com.cn
Domain | 1 | yunqishangwu.com
Domain | 1 | huawei.dcclouds.com
File | 2 | 基层干部员工2023年7月份绩效考核结果的通知.7z
File | 1 | 科技股份有限公司人事任免的通知.exe
File | 31 | goopdate.dll
File | 1 | 通过同目录下的update.exe
File | 1 | 基层干部员工2023年7月份绩效考核结果的通知.exe
File | 1 | 沙箱报告的行为异常功能显示样本运行后会调用cmd.exe
File | 1 | tmp_yeumwu.docx
File | 1 | 百度金融度小满开发运营团队高级devops工程师jd.exe
File | 5 | virustotal-multisandbox-qianxin-reddrip.html
Url | 1 | https://sandbox.ti.qianxin.com/sandbox/page/detail?type=file&id=aynj4v299knobtgx127v
Url | 9 | https://sandbox.ti.qianxin.com
Url | 5 | https://blog.virustotal.com/2020/02/virustotal-multisandbox-qianxin-reddrip.html
Url | 1 | https://sandbox.ti.qianxin.com/sandbox/page/detail?type=file&id=aynjpwjka5r8rybxhcwy
Url | 1 | https://sandbox.ti.qianxin.com/sandbox/page/detail?type=file&id=c628cc5ef5d7c638b39b8352093713b4e76868c6
Url | 1 | https://sandbox.ti.qianxin.com/sandbox/page/detailtype