Midnight Blizzard (APT29) APT IOCs - Part 16 - SEC-1275-1
Tags
| country: | Ukraine |
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Web Services - T1583.006 Web Services - T1584.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 3e4dd8c0-893d-4ffd-8cac-01eed070e1bb |
| Fingerprint | 4b873b906e058da |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 5, 2024, midnight |
| Added to db | Nov. 5, 2024, 1:46 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Midnight Blizzard (APT29) APT IOCs - Part 16 |
| Title | Midnight Blizzard (APT29) APT IOCs - Part 16 - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 13/2/101 |
Source URLs
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4 | aws-data.cloud |
|
| Details | Domain | 4 | aws-il.cloud |
|
| Details | Domain | 4 | aws-join.cloud |
|
| Details | Domain | 5 | aws-meet.cloud |
|
| Details | Domain | 4 | aws-meetings.cloud |
|
| Details | Domain | 4 | aws-online.cloud |
|
| Details | Domain | 1 | awsplatform.online |
|
| Details | Domain | 4 | aws-s3.cloud |
|
| Details | Domain | 4 | aws-secure.cloud |
|
| Details | Domain | 5 | aws-ukraine.cloud |
|
| Details | Domain | 2 | eru-gov.cloud |
|
| Details | Domain | 2 | feedzai-gov.cloud |
|
| Details | Domain | 2 | gov-au.cloud |
|
| Details | Domain | 2 | gov-aws.cloud |
|
| Details | Domain | 2 | gov-fi.cloud |
|
| Details | Domain | 2 | gov-gr.cloud |
|
| Details | Domain | 2 | gov-lt.cloud |
|
| Details | Domain | 2 | gov-lv.cloud |
|
| Details | Domain | 2 | gov-pl.cloud |
|
| Details | Domain | 2 | govps.cloud |
|
| Details | Domain | 2 | gov-sk.cloud |
|
| Details | Domain | 2 | govtr.cloud |
|
| Details | Domain | 2 | gov-trust.cloud |
|
| Details | Domain | 2 | govua.cloud |
|
| Details | Domain | 2 | gov-ua.cloud |
|
| Details | Domain | 2 | md-gov.cloud |
|
| Details | Domain | 2 | mfa-gov.cloud |
|
| Details | Domain | 2 | mfa-gov-il.cloud |
|
| Details | Domain | 2 | mfa-gov-tr.cloud |
|
| Details | Domain | 2 | mf-gov.cloud |
|
| Details | Domain | 2 | mil-be.cloud |
|
| Details | Domain | 2 | mil-ee.cloud |
|
| Details | Domain | 2 | mil-pl.cloud |
|
| Details | Domain | 2 | mil-pt.cloud |
|
| Details | Domain | 2 | mmr-gov.cloud |
|
| Details | Domain | 2 | mod-gov-il.cloud |
|
| Details | Domain | 2 | mo-gov.cloud |
|
| Details | Domain | 2 | mpo-gov.cloud |
|
| Details | Domain | 2 | mpsv-gov.cloud |
|
| Details | Domain | 2 | msmt-gov.cloud |
|
| Details | Domain | 2 | mv-gov.cloud |
|
| Details | Domain | 2 | my-gov.cloud |
|
| Details | Domain | 2 | mzd-gov.cloud |
|
| Details | Domain | 2 | mze-gov.cloud |
|
| Details | Domain | 2 | mzp-gov.cloud |
|
| Details | Domain | 2 | mzv-gov.cloud |
|
| Details | Domain | 2 | nakit-gov.cloud |
|
| Details | Domain | 2 | nbu-gov.cloud |
|
| Details | Domain | 2 | nukib-gov.cloud |
|
| Details | Domain | 2 | policie-gov.cloud |
|
| Details | Domain | 2 | s3-acronis.cloud |
|
| Details | Domain | 2 | s3-army.cloud |
|
| Details | Domain | 2 | s3-atlassian.cloud |
|
| Details | Domain | 5 | s3-aws.cloud |
|
| Details | Domain | 2 | s3-bah.cloud |
|
| Details | Domain | 2 | s3-be.cloud |
|
| Details | Domain | 2 | s3-blackberry.cloud |
|
| Details | Domain | 2 | s3-csis.cloud |
|
| Details | Domain | 2 | s3-de.cloud |
|
| Details | Domain | 2 | s3-dgap.cloud |
|
| Details | Domain | 2 | s3-dk.cloud |
|
| Details | Domain | 2 | s3-dnc.cloud |
|
| Details | Domain | 2 | s3-esa.cloud |
|
| Details | Domain | 5 | s3-fbi.cloud |
|
| Details | Domain | 2 | s3-hudson.cloud |
|
| Details | Domain | 2 | s3-ida.cloud |
|
| Details | Domain | 2 | s3-iri.cloud |
|
| Details | Domain | 2 | s3-knowbe4.cloud |
|
| Details | Domain | 2 | s3-marcus.cloud |
|
| Details | Domain | 2 | s3-monitoring.cloud |
|
| Details | Domain | 2 | s3-nato.cloud |
|
| Details | Domain | 2 | s3-ned.cloud |
|
| Details | Domain | 5 | s3-nsa.cloud |
|
| Details | Domain | 5 | s3-proofpoint.cloud |
|
| Details | Domain | 2 | s3-pt.cloud |
|
| Details | Domain | 2 | s3-rackspace.cloud |
|
| Details | Domain | 2 | s3-rand.cloud |
|
| Details | Domain | 2 | s3-spacex.cloud |
|
| Details | Domain | 2 | s3-state.cloud |
|
| Details | Domain | 2 | s3-stig.cloud |
|
| Details | Domain | 2 | s3-ua.cloud |
|
| Details | Domain | 2 | s3-ucia.cloud |
|
| Details | Domain | 2 | s3-zoho.cloud |
|
| Details | Domain | 2 | ua-aws.army |
|
| Details | Domain | 2 | ua-energy.cloud |
|
| Details | Domain | 2 | ua-gov.cloud |
|
| Details | Domain | 2 | ua-mil.cloud |
|
| Details | Domain | 2 | ua-se.cloud |
|
| Details | Domain | 2 | ua-sec.cloud |
|
| Details | Domain | 2 | ua-sn.cloud |
|
| Details | Domain | 1 | ukrtelecom.cloud |
|
| Details | Domain | 2 | uohs-gov.cloud |
|
| Details | Domain | 2 | uoou-gov.cloud |
|
| Details | Domain | 2 | vlada-gov.cloud |
|
| Details | Domain | 2 | voa-gov.cloud |
|
| Details | Domain | 1 | zero-trust.solutions |
|
| Details | sha256 | 4 | 280fbf353fdffefc5a0af40c706377142fff718c7b87bc8b0daab10849f388d0 |
|
| Details | sha256 | 4 | 8b45f5a173e8e18b0d5c544f9221d7a1759847c28e62a25210ad8265f07e96d5 |
|
| Details | sha256 | 4 | ba4d58f2c5903776fe47c92a0ec3297cc7b9c8fa16b3bf5f40b46242e7092b46 |
|
| Details | sha256 | 4 | f357d26265a59e9c356be5a8ddb8d6533d1de222aae969c2ad4dc9c40863bfe8 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |