Attacks Targeting Pakistan's NCGSA, MOITT, MOD, NSCP and SCO
Tags
country: Nepal
attack-pattern: Credentials - T1589.001
Common Information
Type Value
UUID 336ff929-91e6-4029-86c6-e92130bc6e37
Fingerprint 58b958f44e7a6a5a
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2022, midnight
Added to db Sept. 11, 2022, 12:37 p.m.
Last updated Nov. 17, 2024, 12:56 p.m.
Headline Attacks Targeting Pakistan's NCGSA, MOITT, MOD, NSCP and SCO
Title Attacks Targeting Pakistan's NCGSA, MOITT, MOD, NSCP and SCO
Detected Hints/Tags/Attributes 16/2/37
Attributes
Details Type #Events CTI Value
Details Domain 1
multinet.com.pk
Details Domain 1
nationalcollege.edu
Details Domain 1
www.csd.gov.pk
Details File 1
Found the sample ncgsa-lab-credentials.docm
Details File 1
Found the sample draft-minutes-nitb-moitt.docm
Details File 1
ncgsa-lab-credentials.docm
Details File 1
expr.exe
Details File 1
syswow64-e1.exe
Details File 1
csd-loyalty.apk
Details File 252
www.cs
Details File 1
But what is very interesting is january2021.docx
Details File 12
doc.docx
Details File 1
january2021.docx
Details File 1
draft-minutes-nitb-moitt.docm
Details File 1
nscp-draft-final.docm
Details File 1
july-sco.docm
Details File 1
sco-cyber-advisory.docm
Details IPv4 1
66.42.43.177
Details Url 1
https://multinet.com.pk/wp-content/expr.exe
Details Url 1
https://nationalcollege.edu.np/admin/assets/js/jquery/tiny/plugins/anchor/.anchor/syswow64-e1.exe
Details Url 1
https://www.csd.gov.pk/about-us
Details Url 1
https://twitter.com/shadowchasing1/status/1412754106406428679) and 2020.7.8 (https://twitter.com/h2jazi/status/1413140420737966090