Disclosure of the first targeted attack campaign by the 蓝色魔眼 (Blue Magic Eye, APT-C-41) group against important Chinese institutions
Tags
country: Italy
attack-pattern: Software - T1592.002
Common Information
Type Value
UUID 52fba3df-3e75-4726-bc76-c1288d68c720
Fingerprint f6daf89e87d26abf
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 11, 2014, midnight
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 13, 2024, 8:34 a.m.
Headline Disclosure of the first targeted attack campaign by the 蓝色魔眼 (Blue Magic Eye, APT-C-41) group against important Chinese institutions
Title Disclosure of the first targeted attack campaign by the 蓝色魔眼 (Blue Magic Eye, APT-C-41) group against important Chinese institutions
Detected Hints/Tags/Attributes 9/2/27
Attributes
Details Type #Events CTI Value
Details Domain 67
360.cn
Details File 1
The Skype updater loads wtsapi32.dll from the same directory
Details File 41
wtsapi32.dll
Details File 2
comti.dll
Details File 1
lngwyztn.dll
Details File 2
scpctr.dll
Details File 2
whtnwfc.dll
Details File 2
kltgtr.dll
Details File 1
The communication component module is named comti.dll
Details File 1
This component module is named lngwyztn.dll
Details File 1
This component module is named scpctr.dll
Details File 1
This component module is named kltgtr.dll
Details File 1
This component module is named whtnwfc.dll
Details File 1
The file-content recording component attempts to read rdctv.tmp
Details File 1
rdctv.tmp
Details File 1
2 or rdctv.cab
Details File 1
Creates inf_loc_fiz_.tmp
Details File 1
Compresses the files to be collected into inf_loc_fiz_.tmp using a zip library
Details File 1
Reads inf_loc_fiz_.tmp
Details md5 1
d54de33412fc967fef50899ec62a41c7
Details md5 1
4477ab2bc31cf3a2e8535967489cdc4b
Details md5 1
5963ae6ae5510c5a04b02e18a11d5c1b
Details md5 1
9a10108321d2aa0edaa00ebaecb6bb90
Details md5 1
9d212f33a37df2c550a981b10c295788
Details md5 1
adcdd7cde9e6d2e05bbf9011d50999cf
Details md5 1
d3a7a52f1b6e8c91a16f1ed0ab360e3a
Details Threat Actor Identifier - APT-C 5
APT-C-41