Hiding in Plain Sight: Obscuring C2s by Abusing CDN Services - TeamT5
Common Information

| Type | Value |
|---|---|
| UUID | 5c03be7a-ecc2-4381-98a0-ea02ef774ebb |
| Fingerprint | 3338356d6d4192c5 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 22, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Hiding in Plain Sight: Obscuring C2s by Abusing CDN Services |
| Title | Hiding in Plain Sight: Obscuring C2s by Abusing CDN Services - TeamT5 |
| Detected Hints/Tags/Attributes | 42/1/27 |
Attributes

| Type | #Events | CTI | Value |
|---|---|---|---|
| CVE | 44 | | cve-2021-41773 |
| CVE | 25 | | cve-2021-42013 |
| CVE | 7 | | cve-2021-41987 |
| Domain | 1 | | uploads.teamt5.org |
| Domain | 1 | | route.moffice365.workers.dev |
| Domain | 9 | | pypi.python.org |
| Domain | 1 | | dl-python.org |
| Domain | 1 | | dl-python.org.global.prod.fastly.net |
| Domain | 1 | | my-c2domain.com |
| Domain | 23 | | www.cobaltstrike.com |
| Domain | 6 | | www.pexels.com |
| File | 1 | | 202205_blog_pic1.png |
| File | 1 | | 202205_blog_pic2.png |
| File | 1 | | 202205_blog_pic3.png |
| File | 10 | | pypi.py |
| File | 1 | | 202205_blog_pic4.png |
| File | 1 | | 202205_blog_pic5.png |
| File | 1 | | 202205_blog_pic6.png |
| Threat Actor Identifier - APT | 132 | | APT32 |
| Url | 1 | | https://uploads.teamt5.org/upload/original/202205_blog_pic1.png |
| Url | 1 | | https://uploads.teamt5.org/upload/original/202205_blog_pic2.png |
| Url | 1 | | https://uploads.teamt5.org/upload/original/202205_blog_pic3.png |
| Url | 1 | | https://uploads.teamt5.org/upload/original/202205_blog_pic4.png |
| Url | 1 | | https://uploads.teamt5.org/upload/original/202205_blog_pic5.png |
| Url | 1 | | https://uploads.teamt5.org/upload/original/202205_blog_pic6.png |
| Url | 1 | | https://www.cobaltstrike.com/blog/high-reputation-redirectors-and-domain-fronting |
| Url | 2 | | https://www.pexels.com |