ioc[.]one - OSINT Cyber Threat Intelligence Database

GitHub - TKCERT/winnti-suricata-lua: Suricata rules to detect Winnti communication

Tags

attack-pattern:

Malware - T1587.001 Malware - T1588.001

Show in Graph

Common Information

Type	Value
UUID	63056bea-2af4-4cf9-8d2e-230711268170
Fingerprint	cbb0fb04f3b43f89
Analysis status	DONE
Considered CTI value	0
Text language
Published	March 5, 2018, midnight
Added to db	Sept. 26, 2022, 9:31 a.m.
Last updated	Oct. 31, 2024, 10:55 a.m.
Headline	TKCERT/winnti-suricata-lua
Title	GitHub - TKCERT/winnti-suricata-lua: Suricata rules to detect Winnti communication
Detected Hints/Tags/Attributes	8/1/8

Source URLs

	Redirection	Url
Details	Source	https://github.com/TKCERT/winnti-suricata-lua

URL Provider

Details	Provider	Source level domain
Details	github.com	github.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	11		www.novetta.com
Details	Domain	13		hitcon.org
Details	File	1		winnti-more-than-just-a-game-130410.pdf
Details	File	4		novetta_winntianalysis.pdf
Details	File	1		polymorphism.pdf
Details	Url	1		https://kasperskycontenthub.com/wp-content/uploads/sites/43/vlpdfs/winnti-more-than-just-a-game-130410.pdf
Details	Url	2		https://www.novetta.com/wp-content/uploads/2015/04/novetta_winntianalysis.pdf
Details	Url	1		https://hitcon.org/2016/pacific/0composition/pdf/1201/1201