Starry Addax targets human rights defenders in North Africa with new malware
Tags
| cmtmf-attack-pattern: | Masquerading |
| country: | Argentina Morocco Spain Western Sahara |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Model Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Social Media - T1593.001 Tool - T1588.002 Masquerading - T1036 Masquerading |
Common Information
| Type | Value |
|---|---|
| UUID | 4040f7d0-a9f9-431e-8c17-4a08975605cc |
| Fingerprint | 85382d9904bbf719 |
| Analysis status | IN_PROGRESS |
| Considered CTI value | 0 |
| Text language | |
| Published | April 9, 2024, 8:02 a.m. |
| Added to db | Oct. 1, 2024, 3:40 p.m. |
| Last updated | Nov. 17, 2024, 2:49 p.m. |
| Headline | Cisco Talos Blog |
| Title | Starry Addax targets human rights defenders in North Africa with new malware |
| Detected Hints/Tags/Attributes | 62/4/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Redirection | https://blog.talosintelligence.com/starry-addax |
| Details | Source | https://blog.talosintelligence.com/starry-addax/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | ondroid.site |
|
| Details | Domain | 317 | bit.ly |
|
| Details | Domain | 1 | www.ondroid.store |
|
| Details | Domain | 904 | snort.org |
|
| Details | Domain | 1 | runningapplications-b7dae-default-rtdb.firebaseio.com |
|
| Details | Domain | 1 | ondroid.store |
|
| Details | File | 2 | fstab.vb |
|
| Details | File | 2 | init.vb |
|
| Details | File | 2 | ueventd.vb |
|
| Details | sha256 | 1 | f7d9c4c7da6082f1498d41958b54d7aeffd0c674aab26db93309e88ca17c826c |
|
| Details | sha256 | 1 | ec2f2944f29b19ffd7a1bb80ec3a98889ddf1c097130db6f30ad28c8bf9501b3 |
|
| Details | Url | 1 | https://runningapplications-b7dae-default-rtdb.firebaseio.com |