Cuckoo Spear Campaign IOCs - II - SEC-1275-1
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Msbuild - T1127.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 1e0dcfc4-13fb-481b-958e-02191d83040a |
| Fingerprint | e6fc2ec4b03bb4b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 8, 2024, midnight |
| Added to db | Oct. 8, 2024, 9:35 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Cuckoo Spear Campaign IOCs - II |
| Title | Cuckoo Spear Campaign IOCs - II - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 5/1/29 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/4071/cuckoo-spear-campaign-iocs-ii/?mtm_campaign=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | 3utilities.com |
|
| Details | Domain | 2 | foeake.org |
|
| Details | Domain | 2 | inbullar.com |
|
| Details | Domain | 2 | mangoaiml.com |
|
| Details | Domain | 2 | ocouomors.com |
|
| Details | Domain | 4 | onthewifi.com |
|
| Details | Domain | 2 | paunsonaz.com |
|
| Details | Domain | 6 | redirectme.net |
|
| Details | Domain | 2 | saraosting.com |
|
| Details | Domain | 6 | serveblog.net |
|
| Details | Domain | 2 | temmans.com |
|
| Details | Domain | 2 | torefrog.com |
|
| Details | File | 149 | msbuild.exe |
|
| Details | md5 | 2 | 0dbaff93ec6243035275364d5c1c26c9 |
|
| Details | md5 | 2 | 3b07fbaa8b9c5a53658abe3ac9f66e60 |
|
| Details | md5 | 2 | 4f1c68d2fe3b0255e706e4c7de0a739f |
|
| Details | md5 | 2 | 6b3148e824fd84f54592fe5d2e766740 |
|
| Details | md5 | 2 | 73a904ba602e1bf068f5d217403fa41f |
|
| Details | md5 | 2 | 9eef43edc87ab1f301ec8730113535ee |
|
| Details | md5 | 2 | b5228638d5de18e59ebbddc13c120879 |
|
| Details | md5 | 2 | c39b02c9771c6be9610977408ebb509f |
|
| Details | md5 | 2 | c76b1ed6d094edbad887f68093ef6bf9 |
|
| Details | md5 | 2 | d6d59b1ff85bf971286782f8f43d6326 |
|
| Details | md5 | 2 | deedb32bf51dc8f3399614c8a9718e75 |
|
| Details | md5 | 2 | e0a8048c7f69da35bbb2cd35d86c2dc8 |
|
| Details | md5 | 2 | ea474e87f23ce6575057e76108665ffb |
|
| Details | md5 | 2 | f12873d8b69624d972b3c6fa55e52483 |
|
| Details | md5 | 2 | fe36fd0f09aadd3e7ddd7b66f18d5e93 |
|
| Details | Threat Actor Identifier - APT | 278 | APT10 |