Geopolitical nation-state threat actor overview June 2021
Tags
| country: | Cambodia China India Iran Pakistan Thailand Myanmar Vietnam United States Of America |
| attack-pattern: | Data Direct Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 45d7ad30-529d-40f6-bb25-930c1f610261 |
| Fingerprint | 44bd9d9f8ff78424 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 2, 2021, 7:46 a.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Anchored Narratives on Threat Intelligence and Geopolitics |
| Title | Geopolitical nation-state threat actor overview June 2021 |
| Detected Hints/Tags/Attributes | 76/2/52 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | howard-maria.me |
|
| Details | Domain | 1 | g6rqlx1vlh.lb |
|
| Details | Domain | 396 | protonmail.com |
|
| Details | Domain | 1 | sjbingdu.info |
|
| Details | 2 | masters.michelle@protonmail.com |
||
| Details | File | 1 | skills.exe |
|
| Details | File | 2 | dir.log |
|
| Details | File | 1 | c:\\users\\public\\libraries\\touch\\acrord32.dll |
|
| Details | File | 2 | i.docm |
|
| Details | File | 2 | point.ppt |
|
| Details | File | 2 | trbgertrnion.exe |
|
| Details | md5 | 1 | 8c560cf2281320736e03f126d978ba28 |
|
| Details | md5 | 1 | cb142b1fe66cd3720b7d2cb054d50f82 |
|
| Details | md5 | 1 | e38c06f83a5c1b0a4f82c965a4c78654 |
|
| Details | md5 | 1 | 15398d1f1280c5b40deae7f91cc06b36 |
|
| Details | md5 | 1 | 5ea012cc4aca5eb4ff4211ae32dabb9d |
|
| Details | md5 | 1 | 8bd5dd1fe94bf55a3fcf16d669a90686 |
|
| Details | md5 | 1 | 335e604a7c3866b3fad6e8ee6989ddb9 |
|
| Details | md5 | 1 | 1858b880e23f1df3735f00719c2c28a3 |
|
| Details | md5 | 1 | a90ae3747764127decae5a0d7856ef95 |
|
| Details | md5 | 1 | e2919dea773eb0796e46e126dbce17b1 |
|
| Details | md5 | 1 | 63ff31ede9713c10ba6b6f965167cbbd |
|
| Details | md5 | 2 | ab25014c3d6f77ec5880c8f9728be968 |
|
| Details | md5 | 1 | e7737a2e170459905216622f2d43e4da |
|
| Details | md5 | 1 | 1242ae39377b855f10fee9d61188dba9 |
|
| Details | md5 | 1 | b3771f1b343c575392b261cc9bbe5675 |
|
| Details | md5 | 1 | 34596914beb5d8a615662a4b21e5c1f7 |
|
| Details | md5 | 1 | 3aac297222bd691edb2b9c3ccb5b7e4c |
|
| Details | md5 | 1 | 92da5c6a3212a1b806d0729a07d0f1db |
|
| Details | md5 | 2 | 4a7ff92e0ea13b41a5e3410c3becfb2e |
|
| Details | md5 | 2 | 54d5743efcc5511368c6c04bf6840a59 |
|
| Details | md5 | 2 | 6d88dcb578cef59d3d0244d1e93b0f57 |
|
| Details | md5 | 2 | 5cbcc3485f4286098b3a111ceec8ce54 |
|
| Details | md5 | 2 | c08e1509f379755df710d5a8fd4ff175 |
|
| Details | md5 | 1 | b03e0568a5f26addc51c8a3e32baeb7f |
|
| Details | md5 | 1 | 9dadf9ce41994f869e8c35e1917b8238 |
|
| Details | sha1 | 1 | 1854b3dcd60b46e6039972824faea889435a19c3 |
|
| Details | sha256 | 1 | 823bf27b1e559d6607f5224ab99de1c83bb5d36e2ed0e6644d551e94ec45d248 |
|
| Details | IPv4 | 1 | 185.225.19.100 |
|
| Details | IPv4 | 2 | 176.118.167.36 |
|
| Details | IPv4 | 2 | 185.239.226.17 |
|
| Details | IPv4 | 1 | 103.200.97.189 |
|
| Details | IPv4 | 2 | 198.23.210.211 |
|
| Details | IPv4 | 2 | 167.160.166.80 |
|
| Details | IPv4 | 3 | 5.189.170.84 |
|
| Details | Pdb | 2 | e:\\core-projects\\adii\\trbgertrnion\\trbgertrnion\\obj\\debug\\trbgertrnion.pdb |
|
| Details | Threat Actor Identifier - APT-C | 79 | APT-C-23 |
|
| Details | Threat Actor Identifier - APT | 258 | APT34 |
|
| Details | Threat Actor Identifier - APT | 522 | APT41 |
|
| Details | Threat Actor Identifier - APT | 132 | APT32 |
|
| Details | Threat Actor Identifier - APT | 121 | APT36 |
|
| Details | Url | 1 | https://t.co/g6rqlx1vlh.lb |