ioc[.]one - OSINT Cyber Threat Intelligence Database

Poison Ivy APT Launches Continuous Cyber Attack on Defense, Gov, Tech & Edu Sectors

Tags

cmtmf-attack-pattern:	Process Injection
maec-delivery-vectors:	Watering Hole
attack-pattern:	Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Process Injection - T1631 Process Injection - T1055

Show in Graph

Common Information

Type	Value
UUID	18b50662-d77c-46bf-ac0d-637140bd6ea5
Fingerprint	ba9009890b3edf4f
Analysis status	DONE
Considered CTI value	2
Text language
Published	Dec. 2, 2024, 6:03 a.m.
Added to db	Dec. 2, 2024, 7:46 a.m.
Last updated	Dec. 18, 2024, 2:14 p.m.
Headline	Poison Ivy APT Launches Continuous Cyber Attack on Defense, Gov, Tech & Edu Sectors
Title	Poison Ivy APT Launches Continuous Cyber Attack on Defense, Gov, Tech & Edu Sectors
Detected Hints/Tags/Attributes	35/3/14

Source URLs

	Redirection	Url
Details	Source	https://gbhackers.com/poison-ivy-apt-launches-continuous-cyber-attack/

URL Provider

Details	Provider	Source level domain
Details	gbhackers.com	gbhackers.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	125	✔	GBHackers Security \| #1 Globally Trusted Cyber Security News Platform	https://gbhackers.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		auto-download.zip
Details	Domain	1130		any.run
Details	Domain	2		caac-cn.org
Details	Domain	2		caac-cn.com
Details	File	1		auto-download.zip
Details	md5	2		61c42751f6bb4efafec524be23055fba
Details	md5	2		3bd15b16a9595d20c0e185ab1fae738f
Details	md5	2		7f0dba2db8c3fdd717d83bb693b3ade9
Details	md5	2		88e306f4d6a33703316e794a9210f528
Details	md5	2		3a74ed8d1163d1dbc516410d1b8081fa
Details	IPv4	2		165.22.97.48
Details	IPv4	2		158.247.208.174
Details	IPv4	2		128.199.134.3
Details	Threat Actor Identifier - APT-C	22		APT-C-01