Winnti APT IOCs - SEC-1275-1
Tags
attack-pattern: Domains - T1583.001 Domains - T1584.001
Show in Graph
Common Information
Type Value
UUID 4e699ed8-d4db-4836-aab0-a79a9df1a267
Fingerprint 1f10a28a61b35b69
Analysis status DONE
Considered CTI value 0
Text language
Published Dec. 17, 2024, midnight
Added to db Dec. 17, 2024, 8:41 a.m.
Last updated Dec. 17, 2024, 8:41 a.m.
Headline Winnti APT IOCs
Title Winnti APT IOCs - SEC-1275-1
Detected Hints/Tags/Attributes 9/1/21
Source URLs
Redirection Url
Details Source https://1275.ru/ioc/8609/winnti-apt-iocs/?mtm_campaign=rss
URL Provider
Details Provider Source level domain
Details 1275.ru 1275.ru
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 8 Архивы IOC - SEC-1275-1 https://1275.ru/ioc/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 4 
cc.thinkphp1.com
Details Domain 4 
thinkphp1.com
Details Domain 4 
v6.thinkphp1.com
Details Domain 3 
jklwang.com
Details Domain 4 
v20.thinkphp1.com
Details File 3 
init_task.txt
Details md5 4 
ac290ca4b5d9bab434594b08e0883fc5
Details md5 4 
00c5488873e4b3e72d1ccc3da1d1f7e4
Details md5 4 
17dfbdae01ce4f0615e9a6f4a12036c4
Details md5 4 
31c1c0ea4f9b85a7cddc992613f42a43
Details md5 4 
4914b8e63f431fc65664c2a7beb7ecd5
Details md5 4 
69ed3ec3262a0d9cc4fd60cebfef2a17
Details md5 4 
6b5a58d7b82a57cddcd4e43630bb6542
Details md5 4 
722a9acd6d101faf3e7168bec35b08f8
Details md5 4 
8e734319f78c1fb5308b1e270c865df4
Details md5 4 
8fe73efbf5fd0207f9f4357adf081e35
Details md5 4 
ba95fce092d48ba8c3ee8456ee4570e4
Details md5 4 
f8ca32cb0336aaa1b30b8637acd8328d
Details IPv4 6 
172.247.127.210
Details IPv4 5 
156.251.163.120
Details Url 4 
http://v6.thinkphp1.com/client/bt