Project TajMahal – a sophisticated new APT framework | Securelist
Tags
| attack-pattern: | Data Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | 599ab399-4398-4000-a6f0-fc8a34e65988 |
| Fingerprint | ff56926c05266403 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 10, 2019, 3:10 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 1, 2024, 11:08 p.m. |
| Headline | Project TajMahal – a sophisticated new APT framework |
| Title | Project TajMahal – a sophisticated new APT framework | Securelist |
| Detected Hints/Tags/Attributes | 48/1/174 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://securelist.com/project-tajmahal/90240/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 338 | kaspersky.com |
|
| Details | Domain | 1 | rahasn.webhop.org |
|
| Details | Domain | 1 | rahasn.akamake.net |
|
| Details | Domain | 1 | rahasn.homewealth.biz |
|
| Details | Domain | 1 | freeimage.sourceforge.net |
|
| Details | 147 | intelreports@kaspersky.com |
||
| Details | File | 1 | cs64.dll |
|
| Details | File | 1 | cs32.dll |
|
| Details | File | 1 | li64.dll |
|
| Details | File | 1 | li32.dll |
|
| Details | File | 1 | ad64.dll |
|
| Details | File | 1 | ad32.dll |
|
| Details | File | 1 | le64.dll |
|
| Details | File | 1 | le32.dll |
|
| Details | File | 1 | adxx.dll |
|
| Details | File | 1 | me64.dll |
|
| Details | File | 1 | me32.dll |
|
| Details | File | 1 | ma32.dll |
|
| Details | File | 3 | wwahost.exe |
|
| Details | File | 2 | audacity.exe |
|
| Details | File | 1 | ams_api64.dll |
|
| Details | File | 1 | ams_api32.dll |
|
| Details | File | 1 | exxx.dll |
|
| Details | File | 1 | pdxx.dll |
|
| Details | File | 1 | sgxx.dll |
|
| Details | File | 1 | ex64.dll |
|
| Details | File | 1 | ex32.dll |
|
| Details | File | 1 | fe64.dll |
|
| Details | File | 1 | fe32.dll |
|
| Details | File | 2 | pd64.dll |
|
| Details | File | 1 | pd32.dll |
|
| Details | File | 1 | libpng64.dll |
|
| Details | File | 1 | libpng32.dll |
|
| Details | File | 1 | ssxx.dll |
|
| Details | File | 1 | rs64.dll |
|
| Details | File | 1 | rs32.dll |
|
| Details | File | 1 | ix32.dll |
|
| Details | File | 1 | ix64.dll |
|
| Details | File | 1 | rsxx.dll |
|
| Details | File | 1 | obj32.bin |
|
| Details | File | 1 | obj64.bin |
|
| Details | File | 1 | mexx.dll |
|
| Details | File | 1 | sc64.dll |
|
| Details | File | 1 | sc32.dll |
|
| Details | File | 1 | sg64.dll |
|
| Details | File | 1 | sg32.dll |
|
| Details | File | 1 | st64.dll |
|
| Details | File | 1 | st32.dll |
|
| Details | File | 1 | zip64.dll |
|
| Details | File | 1 | zip32.dll |
|
| Details | File | 1 | inxx.dll |
|
| Details | File | 1 | csxx.dll |
|
| Details | File | 1 | zlib64.dll |
|
| Details | File | 1 | zlib32.dll |
|
| Details | File | 1 | libpngxx.dll |
|
| Details | File | 1 | il32.dll |
|
| Details | File | 1 | in32.dll |
|
| Details | File | 1 | in64.dll |
|
| Details | File | 1 | zipxx.dll |
|
| Details | File | 1 | isys9core_64.dll |
|
| Details | File | 1 | isyspdf6_64.dll |
|
| Details | File | 1 | isyspdfl_64.dll |
|
| Details | File | 1 | isysdc_64.dll |
|
| Details | File | 1 | isys9.key |
|
| Details | File | 1 | isys9_32.dll |
|
| Details | File | 1 | isys9core_32.dll |
|
| Details | File | 1 | isyspdf6_32.dll |
|
| Details | File | 1 | isyspdfl_32.dll |
|
| Details | File | 1 | isysdc_32.dll |
|
| Details | File | 1 | isys9_64.dll |
|
| Details | File | 1 | objectviewer.exe |
|
| Details | File | 1 | sqlite3_64.dll |
|
| Details | File | 1 | sqlite3_32.dll |
|
| Details | File | 1 | tn32.dll |
|
| Details | File | 1 | tn64.dll |
|
| Details | File | 1 | freeimage_32.dll |
|
| Details | File | 1 | freeimageplus_32.dll |
|
| Details | File | 1 | freeimage_64.dll |
|
| Details | File | 1 | freeimageplus_64.dll |
|
| Details | File | 1 | tnxx.dll |
|
| Details | File | 1 | ku64.dll |
|
| Details | File | 1 | ku32.dll |
|
| Details | File | 1 | pm64.dll |
|
| Details | File | 1 | pm32.dll |
|
| Details | File | 1 | rc64.dll |
|
| Details | File | 1 | rc32.dll |
|
| Details | File | 1 | rn64.dll |
|
| Details | File | 1 | rn32.dll |
|
| Details | File | 1 | ss64.dll |
|
| Details | File | 1 | ss32.dll |
|
| Details | File | 2 | vm32.dll |
|
| Details | File | 1 | vm64.dll |
|
| Details | File | 1 | wc64.dll |
|
| Details | File | 1 | wc32.dll |
|
| Details | File | 2 | default.cfg |
|
| Details | File | 1 | runin.bin |
|
| Details | File | 1 | morph.dat |
|
| Details | md5 | 1 | 22d142f11cf2a30ea4953e1fffb0fa7e |
|
| Details | md5 | 1 | 2317d65da4639f4246de200650a70753 |
|
| Details | md5 | 1 | 27612cb03c89158225ca201721ea1aad |
|
| Details | md5 | 1 | 412956675fbc3f8c51f438c1abc100eb |
|
| Details | md5 | 1 | 490a140093b5870a47edc29f33542fd2 |
|
| Details | md5 | 1 | 51a7068640af42c3a7c1b94f1c11ab9d |
|
| Details | md5 | 1 | 533340c54bd25256873b3dca34d7f74e |
|
| Details | md5 | 1 | 684eca6b62d69ce899a3ec3bb04d0a5b |
|
| Details | md5 | 1 | 69a19abf5ba56ee07cdd3425b07cf8bf |
|
| Details | md5 | 1 | 6cfd131fef548fcd60fbcdb59317df8e |
|
| Details | md5 | 1 | 72dc98449b45a7f1ccdef27d51e31e91 |
|
| Details | md5 | 1 | 7c733607a0932b1b9a9e27cd6ab55fe0 |
|
| Details | md5 | 1 | 7d5265e814843b24fcb3787768129040 |
|
| Details | md5 | 1 | 80c37e062aa4c94697f287352acf2e9d |
|
| Details | md5 | 1 | 815f1f8a7bc1e6f94cb5c416e381a110 |
|
| Details | md5 | 1 | a43d3b31575846fa4c3992b4143a06da |
|
| Details | md5 | 1 | 08e82dc7bae524884b7dc2134942aadb |
|
| Details | md5 | 1 | 7bcd736a2394fc49f3e27b3987cce640 |
|
| Details | md5 | 1 | 57314359df11ffdf476f809671ec0275 |
|
| Details | md5 | 1 | b72737b464e50aa3664321e8e001ff32 |
|
| Details | md5 | 1 | ce8ce92fb6565181572dce00d69c24f8 |
|
| Details | md5 | 1 | 5985087678414143d33ffc6e8863b887 |
|
| Details | md5 | 1 | 84730a6e426fbd3cf6b821c59674c8a0 |
|
| Details | md5 | 1 | d5377dc1821c935302c065ad8432c0d2 |
|
| Details | md5 | 1 | d8f1356bebda9e77f480a6a60eab36bb |
|
| Details | md5 | 1 | 92f8e3f0f1f7cc49fad797a62a169acd |
|
| Details | md5 | 1 | 9003cfaac523e94d5479dc6a10575e60 |
|
| Details | md5 | 1 | df91b86189adb0a11c47ce2405878fa1 |
|
| Details | md5 | 1 | e17bd40f5b5005f4a0c61f9e79a9d8c2 |
|
| Details | md5 | 1 | c1e7850da5604e081b9647b58248d7e8 |
|
| Details | md5 | 1 | 99828721ac1a0e32e4582c3f615d6e57 |
|
| Details | md5 | 1 | f559c87b4a14a4be1bd84df6553aaf56 |
|
| Details | md5 | 1 | b9c208ea8115232bfd9ec2c62f32d6b8 |
|
| Details | md5 | 1 | 061089d8cb0ca58e660ce2e433a689b3 |
|
| Details | md5 | 1 | 0e9afd3a870906ebf34a0b66d8b07435 |
|
| Details | md5 | 1 | 9c115e9a81d25f9d88e7aaa4313d9a8f |
|
| Details | md5 | 1 | 520ee02668a1c7b7c262708e12b1ba6b |
|
| Details | md5 | 1 | 7bfba2c69bed6b160261bdbf2b826401 |
|
| Details | md5 | 1 | 77a745b07d9c453650dd7f683b02b3ed |
|
| Details | md5 | 1 | 3a771efb7ba2cd0df247ab570e1408b2 |
|
| Details | md5 | 1 | 0969b2b399a8d4cd2d751824d0d842b4 |
|
| Details | md5 | 1 | fc53f2cd780cd3a01a4299b8445f8511 |
|
| Details | md5 | 1 | 4e39620afca6f60bb30e031ddc5a4330 |
|
| Details | md5 | 1 | bfe3f6a79cad5b9c642bb56f8037c43b |
|
| Details | md5 | 1 | 3dfebce4703f30eed713d795b90538b5 |
|
| Details | md5 | 1 | 9793afcea43110610757bd3b800de517 |
|
| Details | md5 | 1 | 36db24006e2b492cafb75f2663f241b2 |
|
| Details | md5 | 1 | 21feb6aa15e02bb0cddbd544605aabad |
|
| Details | md5 | 1 | 649ef1dd4a5411d3afcf108d57ff87af |
|
| Details | md5 | 1 | 320b2f1d9551b5d1df4fb19bd9ab253a |
|
| Details | md5 | 1 | 3d75c72144d873b3c1c4977fbafe9184 |
|
| Details | md5 | 1 | b9cf4301b7b186a75e82a04e87b30fe4 |
|
| Details | md5 | 1 | b4e67706103c3b8ee148394ebee3f268 |
|
| Details | md5 | 1 | 7bfbd72441e1f2ed48fbc0f33be00f24 |
|
| Details | md5 | 1 | cdb303f61a47720c7a8c5086e6b2a743 |
|
| Details | md5 | 1 | 2a6f7ec77ab6bd4297e7b15ae06e2e61 |
|
| Details | md5 | 1 | 8403a28e0bffa9cc085e7b662d0d5412 |
|
| Details | md5 | 1 | 3ffd2915d285ad748202469d4a04e1f5 |
|
| Details | md5 | 1 | 04078ef95a70a04e95bda06cc7bec3fa |
|
| Details | md5 | 1 | 235d427f94630575a4ea4bff180ecf5d |
|
| Details | md5 | 1 | 8035a8a143765551ca7db4bc5efb5dfd |
|
| Details | md5 | 1 | cacaa3bf3b2801956318251db5e90f3c |
|
| Details | md5 | 1 | 1aadf739782afcae6d1c3e4d1f315cbd |
|
| Details | md5 | 1 | c3e255888211d74cc6e3fb66b69bbffb |
|
| Details | md5 | 1 | d9e9f22988d43d73d79db6ee178d70a4 |
|
| Details | md5 | 1 | 16ab79fb2fd92db0b1f38bedb2f02ed8 |
|
| Details | md5 | 1 | 8da15a97eaf69ff7ee184fc446f19cf1 |
|
| Details | md5 | 1 | ffc7305cb24c1955f9625e525d58aeee |
|
| Details | md5 | 1 | c0e72eb4c9f897410c795c1b360090ef |
|
| Details | md5 | 1 | 9ad6fa6fdedb2df8055b3d30bd6f64f1 |
|
| Details | md5 | 1 | 44619a88a6cff63523163c6a4cf375dd |
|
| Details | md5 | 1 | a571660c9cf1696a2f4689b2007a12c7 |
|
| Details | md5 | 1 | 81229c1e272218eeda14892fa8425883 |
|
| Details | md5 | 1 | 0ac48cfa2ff8351365e99c1d26e082ad |
|
| Details | IPv4 | 1 | 104.200.30.125 |
|
| Details | IPv4 | 1 | 50.56.240.153 |
|
| Details | Url | 1 | http://freeimage.sourceforge.net |