ioc[.]one - OSINT Cyber Threat Intelligence Database

Operation Daybreak

Tags

country:	China Kuwait Nepal India South Korea Poland Romania
attack-pattern:	Digital Certificates - T1596.003 Digital Certificates - T1587.003 Digital Certificates - T1588.004 Exploits - T1587.004 Exploits - T1588.005 Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	3f952450-ed4e-4810-a07a-be27103b1234
Fingerprint	e4f10cfcc98566b0
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 17, 2016, 6 a.m.
Added to db	April 15, 2023, 1:02 p.m.
Last updated	Oct. 25, 2024, 1:02 p.m.
Headline	Operation Daybreak
Title	Operation Daybreak
Detected Hints/Tags/Attributes	77/2/22

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/operation-daybreak/75100/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	Value
Details	CVE	11	cve-2016-4171
Details	CVE	11	cve-2016-1010
Details	CVE	6	cve-2016-0147
Details	CVE	57	cve-2016-4117
Details	Domain	1	webconncheck.myfw.us
Details	Domain	1	reg.flnet.org
Details	File	11	ap.php
Details	File	6	china.pdf
Details	File	1	yay_release.dll
Details	File	1	cfgifut.dll
Details	File	1	cldbct.dll
Details	File	40	cryptbase.dll
Details	File	12	msfte.dll
Details	File	1	8xrss.php
Details	File	52	exploit.swf
Details	md5	1	8844a537e7f533192ca8e81886e70fbc
Details	md5	1	a6f14b547d9a7190a1f9f1c06f906063
Details	md5	1	e51ce28c2e2d226365bc5315d3e5f83e
Details	md5	1	067681b79756156ba26c12bc36bf835c
Details	md5	1	f8a2d4ddf9dc2de750c8b4b7ee45ba3f
Details	md5	1	3e5ac6bbf108feec97e1cc36560ab0b6
Details	IPv4	1	212.7.217.10