ioc[.]one - OSINT Cyber Threat Intelligence Database

Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape | Proofpoint US

Tags

cmtmf-attack-pattern:	Masquerading
country:	China Japan Russia
attack-pattern:	Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Python - T1059.006 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Masquerading - T1036 Masquerading

Show in Graph

Common Information

Type	Value
UUID	191317aa-c450-4ace-8190-ff2bcba4b279
Fingerprint	af1d0fbf89398680
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 20, 2023, noon
Added to db	Nov. 19, 2023, 3:31 a.m.
Last updated	Nov. 17, 2024, 5:56 p.m.
Headline	Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape
Title	Chinese Malware Appears in Earnest Across Cybercrime Threat Landscape \| Proofpoint US
Detected Hints/Tags/Attributes	69/3/39

Source URLs

	Redirection	Url
Details	Source	https://www.proofpoint.com/us/blog/threat-insight/chinese-malware-appears-earnest-across-cybercrime-threat-landscape

URL Provider

Details	Provider	Source level domain
Details	proofpoint.com	www.proofpoint.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	354	✔	Proofpoint Threat Insight	https://www.proofpoint.com/us/threat-insight-blog.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	cluedk.com
Details	Domain	1	fakaka16.top
Details	Domain	1	fakaka9.top
Details	Domain	1	rus3rcqtp.hn-bkt.clouddn.com
Details	Domain	1	26866498.zip
Details	Domain	1	kakafa.top
Details	Domain	99	qq.com
Details	Domain	1	51fapiaoyun.com
Details	Domain	1	51fapiao.com
Details	Domain	2	drfs.ctcontents.com
Details	Domain	1	zohomail.cn
Details	Domain	1	ckj2.cn
Details	Domain	1	xqxayjrk101.wecom.work
Details	Domain	1	zc1800.oss-cn-shenzhen.aliyuncs.com
Details	Domain	179	hotmail.com
Details	Domain	1	fhyhdf.oss-cn-hangzhou.aliyuncs.com
Details	Domain	272	outlook.com
Details	Email	1	lwplbh@cluedk.com
Details	Email	1	q1045582630@qq.com
Details	Email	1	aa0035@zohomail.cn
Details	Email	1	qdjvqvumsdw@hotmail.com
Details	Email	1	kweffabibis0@outlook.com
Details	File	1	26866498.exe
Details	File	13	vmwareservice.exe
Details	File	28	vmwaretray.exe
Details	File	30	vmwareuser.exe
Details	sha256	1	0d133dde99d883274bf5644bd9e59af3c54c2b3c65f3d1bc762f2d3725f80582
Details	sha256	1	7f32ca98ce66a057ae226ec78638db95feebc59295d3afffdbf407df12b5bc79
Details	sha256	1	a48abe2847e891cfd6c18c7cdaaa8e983051bc2f7a0bd9ef5c515a72954e1715
Details	sha256	1	4f01ffe98009a8090ea8a086d21c62c24219b21938ea3ec7da8072f8c4dcc7a6
Details	IPv4	1	124.220.35.63
Details	Pdb	1	c:\users\77\source\repos\project8\debug\project8.pdb
Details	Url	1	http://rus3rcqtp.hn-bkt.clouddn.com/26866498.zip
Details	Url	1	http://51fapiaoyun.com/发-票.rar
Details	Url	1	http://124.220.35.63/laoxiang.exe
Details	Url	1	https://drfs.ctcontents.com/file/40788929/860577489
Details	Url	1	http://ckj2.cn/r8f
Details	Url	1	https://zc1800.oss-cn-shenzhen.aliyuncs.com/piao
Details	Url	1	https://fhyhdf.oss-cn-hangzhou.aliyuncs.com/發票.zip