Rewterz Threat Alert – Russian APT28 Delivers Zebrocy Malware - Rewterz
Tags
country: Afghanistan, Egypt, Azerbaijan, Bosnia and Herzegovina, Switzerland, China, Uruguay, Georgia, Iran, Japan, Kazakhstan, Saudi Arabia, Kyrgyzstan, Mongolia, Serbia, Tajikistan, Zimbabwe, Russia, Turkmenistan, Ukraine, United States of America
maec-delivery-vectors: Watering Hole
attack-pattern: Malware (T1587.001), Malware (T1588.001), Server (T1583.004), Server (T1584.004)
Common Information
Type | Value |
---|---|
UUID | 5fb59aa0-65c2-4f61-917a-cd8264ec500b |
Fingerprint | 85a45dc9e7d74e97 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 10, 2020, 4:55 p.m. |
Added to db | Dec. 19, 2024, 6:04 p.m. |
Last updated | Dec. 23, 2024, 9:07 p.m. |
Headline | Rewterz Threat Alert – Russian APT28 Delivers Zebrocy Malware |
Title | Rewterz Threat Alert – Russian APT28 Delivers Zebrocy Malware - Rewterz |
Detected Hints/Tags/Attributes | 66/3/22 |
Source URLs
Attributes