Novel attack on Windows spotted in Chinese phishing campaign
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 4e885a3d-a2e0-4b76-8051-d6cf24aa00c9 |
| Fingerprint | 79088d99a6279eca |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Sept. 2, 2024, 3:06 a.m. |
| Added to db | Sept. 2, 2024, 6:24 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Novel attack on Windows spotted in phishing campaign run from and targeting China |
| Title | Novel attack on Windows spotted in Chinese phishing campaign |
| Detected Hints/Tags/Attributes | 46/3/21 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 99 | ✔ | Cyware News - Latest Cyber News | https://cyware.com/allnews/feed | 2024-08-30 22:08 |
| Details | 213 | ✔ | Cyberwar News ≈ Packet Storm | https://rss.packetstormsecurity.com/news/tags/cyberwar/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 5 | 20240739人员名单信息.zip |
|
| Details | File | 9 | 违规远程控制软件人员名单.docx |
|
| Details | File | 24 | dui70.dll |
|
| Details | File | 14 | ui.exe |
|
| Details | File | 10 | licensingui.exe |
|
| Details | File | 22 | runonce.exe |
|
| Details | File | 4 | fpr.exe |
|
| Details | File | 10 | iox.exe |
|
| Details | File | 9 | fscan.exe |
|
| Details | File | 32 | result.txt |
|
| Details | File | 4 | netspy.exe |
|
| Details | File | 2 | netspy.log |
|
| Details | File | 8 | alive.txt |
|
| Details | File | 8 | lld.exe |
|
| Details | File | 7 | tmp.log |
|
| Details | File | 6 | xxx.txt |
|
| Details | File | 9 | sharpdecryptpwd.exe |
|
| Details | File | 5 | pvefindaduser.exe |
|
| Details | File | 12 | document.txt |
|
| Details | File | 4 | gogo_windows_amd64.exe |
|
| Details | File | 63 | output.txt |