Expanding APT42 Intelligence with Validin | Validin
Tags
| attack-pattern: | Data Direct Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | 56f8e7fd-cc35-4498-9241-51e495a7b9b6 |
| Fingerprint | 29148dd16f3815a8 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | May 3, 2024, midnight |
| Added to db | Nov. 19, 2024, 3:45 p.m. |
| Last updated | Dec. 19, 2024, 8:44 p.m. |
| Headline | Expanding APT42 Intelligence with Validin |
| Title | Expanding APT42 Intelligence with Validin | Validin |
| Detected Hints/Tags/Attributes | 38/1/117 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.validin.com/blog/expanding-apt42-intelligence-with-validin/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | elated-supportive-exultation.top |
|
| Details | Domain | 1 | permission-data.online |
|
| Details | Domain | 1 | meeting-share.online |
|
| Details | Domain | 1 | files-archive.online |
|
| Details | Domain | 1 | share-meeting.online |
|
| Details | Domain | 1 | modification-check.online |
|
| Details | Domain | 1 | direction-check.online |
|
| Details | Domain | 1 | allow-permission.online |
|
| Details | Domain | 1 | 15248636.site |
|
| Details | Domain | 1 | activity-179384736.site |
|
| Details | Domain | 1 | web-getdata.site |
|
| Details | Domain | 1 | jubilatesee.site |
|
| Details | Domain | 1 | online-meeting.site |
|
| Details | Domain | 1 | short-modification.site |
|
| Details | Domain | 1 | direction-session-verify.site |
|
| Details | Domain | 1 | france24.live |
|
| Details | Domain | 1 | videocallservice.live |
|
| Details | Domain | 1 | paneling-check-live.live |
|
| Details | Domain | 1 | paneling-cheking-df.live |
|
| Details | Domain | 1 | pnael-checking.live |
|
| Details | Domain | 1 | shorting-urling.live |
|
| Details | Domain | 1 | short-urling.live |
|
| Details | Domain | 1 | shorturling.live |
|
| Details | Domain | 3 | 3dauth.live |
|
| Details | Domain | 1 | shortoni.live |
|
| Details | Domain | 1 | conferencecall.live |
|
| Details | Domain | 1 | panel-status-join.live |
|
| Details | Domain | 1 | confirm-validation.mywire.org |
|
| Details | Domain | 1 | gatestonelnstitute.org |
|
| Details | Domain | 1 | atlanticconucil.org |
|
| Details | Domain | 1 | continue-recognized.hopto.org |
|
| Details | Domain | 1 | review-session.hopto.org |
|
| Details | Domain | 1 | session-review.hopto.org |
|
| Details | Domain | 1 | confirmation-verify.hopto.org |
|
| Details | Domain | 1 | confirm-validity.hopto.org |
|
| Details | Domain | 1 | businessinssider.org |
|
| Details | Domain | 1 | responsiblestatcraft.org |
|
| Details | Domain | 3 | safeshortl.ink |
|
| Details | Domain | 1 | clarification.network |
|
| Details | Domain | 1 | products-services.network |
|
| Details | Domain | 1 | accredit.network |
|
| Details | Domain | 1 | recognize-validation.theworkpc.com |
|
| Details | Domain | 4 | accounts-drive.com |
|
| Details | Domain | 1 | account-drive.com |
|
| Details | Domain | 1 | atlanticcuoncil.com |
|
| Details | Domain | 1 | drive-signin.com |
|
| Details | Domain | 1 | account-siqnin.com |
|
| Details | Domain | 1 | confirm-verify.servepics.com |
|
| Details | Domain | 1 | tinurls.com |
|
| Details | Domain | 1 | drive-acconuts.com |
|
| Details | Domain | 1 | drive-account.com |
|
| Details | Domain | 1 | drive-acconut.com |
|
| Details | Domain | 1 | centrallibrary.info |
|
| Details | Domain | 1 | un-call.services |
|
| Details | Domain | 1 | continue-recognized.ddns.net |
|
| Details | Domain | 1 | eatonthehotground.ddns.net |
|
| Details | Domain | 1 | schoolofpinkmice.ddns.net |
|
| Details | Domain | 1 | identifier-service.ddns.net |
|
| Details | Domain | 1 | verify-corroborate.ddns.net |
|
| Details | Domain | 1 | digitalpufferfish.ddns.net |
|
| Details | Domain | 1 | validation-confirm.ddns.net |
|
| Details | Domain | 1 | flowerskindergarten.ddns.net |
|
| Details | Domain | 1 | identity-session.ddns.net |
|
| Details | Domain | 1 | confirm-validation.ddns.net |
|
| Details | Domain | 1 | oceanofinformation.ddns.net |
|
| Details | Domain | 1 | confirm-direction.ddns.net |
|
| Details | Domain | 1 | strainitiatives.ddns.net |
|
| Details | Domain | 1 | identifier-direct.ddns.net |
|
| Details | Domain | 1 | ourredbucket.ddns.net |
|
| Details | Domain | 1 | validity-accredit.ddns.net |
|
| Details | Domain | 1 | thefireisburnt.ddns.net |
|
| Details | Domain | 1 | africanblackwidow.ddns.net |
|
| Details | Domain | 1 | modification-verify.ddns.net |
|
| Details | Domain | 1 | identifier-verify.ddns.net |
|
| Details | Domain | 1 | direction-veracity.ddns.net |
|
| Details | Domain | 1 | accredit-validity.ddns.net |
|
| Details | Domain | 1 | confirm-integrity.ddns.net |
|
| Details | IPv4 | 2 | 135.181.203.1 |
|
| Details | IPv4 | 1 | 78.47.209.46 |
|
| Details | IPv4 | 1 | 94.131.11.228 |
|
| Details | IPv4 | 1 | 176.9.145.182 |
|
| Details | IPv4 | 1 | 192.95.36.226 |
|
| Details | IPv4 | 1 | 209.133.196.67 |
|
| Details | IPv4 | 1 | 217.20.117.39 |
|
| Details | IPv4 | 1 | 5.39.216.110 |
|
| Details | IPv4 | 1 | 62.204.58.40 |
|
| Details | IPv4 | 1 | 138.124.184.240 |
|
| Details | IPv4 | 1 | 101.99.94.50 |
|
| Details | IPv4 | 1 | 149.56.179.250 |
|
| Details | IPv4 | 1 | 62.204.58.41 |
|
| Details | IPv4 | 1 | 185.141.63.51 |
|
| Details | IPv4 | 1 | 216.194.165.171 |
|
| Details | IPv4 | 1 | 185.110.190.91 |
|
| Details | IPv4 | 1 | 185.110.190.102 |
|
| Details | IPv4 | 1 | 95.164.116.122 |
|
| Details | IPv4 | 1 | 146.0.74.232 |
|
| Details | IPv4 | 1 | 62.204.58.42 |
|
| Details | IPv4 | 1 | 216.194.165.52 |
|
| Details | IPv4 | 1 | 135.181.17.82 |
|
| Details | IPv4 | 1 | 146.0.74.233 |
|
| Details | IPv4 | 1 | 66.151.40.83 |
|
| Details | IPv4 | 1 | 136.243.236.93 |
|
| Details | IPv4 | 2 | 144.217.139.134 |
|
| Details | IPv4 | 1 | 62.204.58.44 |
|
| Details | IPv4 | 1 | 192.64.117.164 |
|
| Details | IPv4 | 1 | 66.151.40.84 |
|
| Details | IPv4 | 1 | 5.39.218.85 |
|
| Details | IPv4 | 1 | 204.12.216.126 |
|
| Details | IPv4 | 1 | 5.39.218.86 |
|
| Details | IPv4 | 1 | 151.236.14.137 |
|
| Details | IPv4 | 1 | 158.69.7.158 |
|
| Details | IPv4 | 1 | 95.169.196.78 |
|
| Details | IPv4 | 1 | 5.39.216.109 |
|
| Details | IPv4 | 1 | 151.236.28.129 |
|
| Details | IPv4 | 1 | 209.133.196.69 |
|
| Details | IPv4 | 1 | 216.194.165.99 |
|
| Details | Threat Actor Identifier - APT | 131 | APT42 |