ioc[.]one - OSINT Cyber Threat Intelligence Database

Tracking APT SideWinder Domains By Combining Regex Patterns, Whois Records and Domain Registrars

Tags

country:	Sri Lanka Nepal India Pakistan
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Domains - T1583.001 Domains - T1584.001 Impersonation - T1656 Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Python - T1059.006 Server - T1583.004 Server - T1584.004 Template Injection - T1221 Tool - T1588.002 Whois - T1596.002 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	34b27de5-6c21-4364-8cec-e6cd6ae693f0
Fingerprint	6208855306f0e7c0
Analysis status	DONE
Considered CTI value	1
Text language
Published	May 23, 2024, 11:17 a.m.
Added to db	Aug. 31, 2024, 2:40 a.m.
Last updated	Nov. 15, 2024, 1:37 p.m.
Headline	UNKNOWN
Title	Tracking APT SideWinder Domains By Combining Regex Patterns, Whois Records and Domain Registrars
Detected Hints/Tags/Attributes	62/3/54

Source URLs

	Redirection	Url
Details	Source	https://www.embeeresearch.io/advanced-guide-to-infrastructure-analysis-tracking-apt-sidewinder-domains/

URL Provider

Details	Provider	Source level domain
Details	embeeresearch.io	www.embeeresearch.io

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	107	✔	Embee Research	https://embee-research.ghost.io/rss/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	269	cve-2017-0199
Details	Domain	1	docs.mofa-services-server.top
Details	Domain	1	mofa-services-server.top
Details	Domain	1	luxury-get-away.top
Details	Domain	1	govt-pk.com
Details	Domain	1	moma-gov-pk.org
Details	Domain	1	documents-server-pk.top
Details	Domain	1	gov-pk.com
Details	Domain	4	gov.pk
Details	Domain	1	pubad.gov.lk.govt-pk.com
Details	Domain	1	pubad.gov.lk
Details	Domain	4	paknavy-govpk.info
Details	Domain	1	pmo.documents-server-pk.top
Details	Domain	1	nitb-update-services.top
Details	Domain	1	services-pk-users.top
Details	Domain	1	goverment-pk-update.top
Details	Domain	1	cabinet-download-server.top
Details	Domain	1	amazonas-gov.co
Details	Domain	1	cnsa-gov.com
Details	Domain	4	dgps-govpk.co
Details	Domain	4	dgps-govpk.com
Details	Domain	1	ep-gov-pk.christmas
Details	Domain	1	ep-gov-pk.icu
Details	Domain	4	gov-govpk.info
Details	Domain	1	justice-gov.info
Details	Domain	1	mohre-gov.info
Details	Domain	1	my-gov-confirm.org
Details	Domain	1	ncsc-gov.com
Details	Domain	4	update-govpk.co
Details	Domain	1	paknavy-govpk.com
Details	Domain	1	ctd.govt-pk.com
Details	Domain	1	ecp.govt-pk.com
Details	Domain	1	embajadadenepal.es.govt-pk.com
Details	Domain	1	investinnepal.gov.np.govt-pk.com
Details	Domain	1	lgcd.punjab.gov.pk.govt-pk.com
Details	Domain	1	mindef.gov.pk.govt-pk.com
Details	Domain	1	mod.gov.bd.govt-pk.com
Details	Domain	1	mod.gov.np.govt-pk.com
Details	Domain	1	mofa.gov.bd.govt-pk.com
Details	Domain	1	mofa.gov.np.govt-pk.com
Details	Domain	1	prisons.punjab.govt-pk.com
Details	Domain	1	sparrso.gov.bd.govt-pk.com
Details	Domain	1	mail-govpk.com
Details	Domain	1	nadra-govpk.com
Details	Domain	1	pta-govpk.com
Details	Domain	1	newmofa.org
Details	Domain	4	mod-gov-pk.live
Details	Domain	1	pakistan-mofa.cloud
Details	Domain	1	s3-network-pakistan.online
Details	File	17	file.rtf
Details	File	2	pmo.doc
Details	sha256	2	7dca552bc38f54716c80eb2c4f1f35cf6e5b12a78a5cec8bf335453c1b433cfd
Details	IPv4	7	188.114.97.3
Details	IPv4	5	91.195.240.123