Dark Web Profile: Bashe (APT73) - SOCRadar® Cyber Intelligence Inc.
Tags
cmtmf-attack-pattern: Application Layer Protocol, Boot Or Logon Autostart Execution, Command And Scripting Interpreter, Exploit Public-Facing Application, Process Injection, Scheduled Task/Job
country: Australia, Germany, France, India, United Kingdom, United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data, Abuse Elevation Control Mechanism - T1626, Abuse Elevation Control Mechanism - T1548, Application Layer Protocol - T1437, Boot Or Logon Autostart Execution - T1547, Bypass User Account Control - T1548.002, Command And Scripting Interpreter - T1623, Credentials - T1589.001, Data Encrypted For Impact - T1471, Data Encrypted For Impact - T1486, Data From Local System - T1533, Disable Or Modify Tools - T1562.001, Disable Or Modify Tools - T1629.003, Domains - T1583.001, Domains - T1584.001, Exfiltration Over C2 Channel - T1646, Exfiltration Over Web Service - T1567, Exfiltration To Cloud Storage - T1567.002, Exploitation For Privilege Escalation - T1404, Exploit Public-Facing Application - T1377, Exploitation For Client Execution - T1658, Exploits - T1587.004, Exploits - T1588.005, File And Directory Discovery - T1420, Impair Defenses - T1562, Impair Defenses - T1629, Local Data Staging - T1074.001, Malware - T1587.001, Malware - T1588.001, Process Discovery - T1424, Multi-Factor Authentication - T1556.006, Password Managers - T1555.005, Phishing - T1660, Phishing - T1566, Powershell - T1059.001, Process Injection - T1631, Registry Run Keys / Startup Folder - T1547.001, Remote Desktop Protocol - T1021.001, Scheduled Task - T1053.005, Scheduled Task/Job - T1603, Server - T1583.004, Server - T1584.004, Smb/Windows Admin Shares - T1021.002, Web Protocols - T1071.001, Web Protocols - T1437.001, Vulnerabilities - T1588.006, Standard Application Layer Protocol - T1071, Bypass User Account Control - T1088, Command-Line Interface - T1059, Data From Local System - T1005, Data Staged - T1074, Exfiltration Over Command And Control Channel - T1041, Exploit Public-Facing Application - T1190, Exploitation For Client Execution - T1203, Exploitation For Privilege Escalation - T1068, File And Directory Discovery - T1083, Powershell - T1086, Process Discovery - T1057, Process Injection - T1055, Remote Desktop Protocol - T1076, Remote Services - T1021, Remote System Discovery - T1018, Scheduled Task - T1053, Exploit Public-Facing Application, Remote System Discovery
Common Information
Type Value
UUID 62064072-1f63-4d3e-9f3f-b59cc9f3d18a
Fingerprint b27011738a1dbe46
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 24, 2024, 3:12 p.m.
Added to db Dec. 24, 2024, 1:43 p.m.
Last updated Dec. 25, 2024, 2:19 p.m.
Headline Dark Web Profile: Bashe (APT73)
Title Dark Web Profile: Bashe (APT73) - SOCRadar® Cyber Intelligence Inc.
Detected Hints/Tags/Attributes 133/4/21
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 238 SOCRadar® Cyber Intelligence Inc. https://socradar.io/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details MITRE ATT&CK Techniques 469
T1566
Details MITRE ATT&CK Techniques 593
T1190
Details MITRE ATT&CK Techniques 511
T1059.001
Details MITRE ATT&CK Techniques 260
T1203
Details MITRE ATT&CK Techniques 302
T1053.005
Details MITRE ATT&CK Techniques 427
T1547.001
Details MITRE ATT&CK Techniques 222
T1068
Details MITRE ATT&CK Techniques 98
T1548.002
Details MITRE ATT&CK Techniques 487
T1055
Details MITRE ATT&CK Techniques 330
T1562.001
Details MITRE ATT&CK Techniques 255
T1018
Details MITRE ATT&CK Techniques 630
T1083
Details MITRE ATT&CK Techniques 473
T1057
Details MITRE ATT&CK Techniques 155
T1021.002
Details MITRE ATT&CK Techniques 562
T1005
Details MITRE ATT&CK Techniques 55
T1074.001
Details MITRE ATT&CK Techniques 480
T1071.001
Details MITRE ATT&CK Techniques 460
T1041
Details MITRE ATT&CK Techniques 108
T1567.002
Details MITRE ATT&CK Techniques 522
T1486
Details Threat Actor Identifier - APT 58
APT73