Mind the (air) gap: GoldenJackal gooses government guardrails
Common Information
Type | Value |
---|---|
UUID | 3b969cbf-2220-4faf-9311-c4d04f1dbfe0 |
Fingerprint | 9524965b21a5ae91 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Oct. 7, 2024, midnight |
Added to db | Oct. 8, 2024, 6:26 p.m. |
Last updated | Dec. 11, 2024, 6:12 a.m. |
Headline | Mind the (air) gap: GoldenJackal gooses government guardrails |
Title | Mind the (air) gap: GoldenJackal gooses government guardrails |
Detected Hints/Tags/Attributes | 255/4/141 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 501 | ✔ | WeLiveSecurity | https://www.welivesecurity.com/category/cybercrime,malware,cybersecurity,password,scams,vulnerability,hacking,android-2,ransomware-malware,threat-reports/feed/ | 2024-08-31 09:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|