Threat Hunt Deep Dives: SolarWinds' Supply-Chain Compromise…
Common Information
Type Value
UUID 3998ca1e-701c-4c48-a0ef-6fe3cd6cbc67
Fingerprint c49b1dd9040f2f11
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 19, 2024, midnight
Added to db Aug. 31, 2024, 5:19 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Threat Hunt Deep Dives: SolarWinds' Supply-Chain Compromise (Solorigate / SUNBURST Backdoor)
Title Threat Hunt Deep Dives: SolarWinds' Supply-Chain Compromise…
Detected Hints/Tags/Attributes 26/3/32
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 138 Intel471 https://intel471.com/blog/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Threat Actor Identifier - APT 665
APT29