MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures | HP Wolf Security
Tags
| country: | Germany |
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 65e65a7e-431e-482b-89ee-34670fdf0d20 |
| Fingerprint | b4042b53001763c1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 19, 2021, 11:32 a.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 15, 2024, 1:38 p.m. |
| Headline | MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures |
| Title | MirrorBlast and TA505: Examining Similarities in Tactics, Techniques and Procedures | HP Wolf Security |
| Detected Hints/Tags/Attributes | 50/2/15 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | xbox-en-cnd.com |
|
| Details | Domain | 1 | one-drive-storage.com |
|
| Details | Domain | 2 | store-in-box.com |
|
| Details | Domain | 2 | microsoft-store-drm-server.com |
|
| Details | Domain | 1 | clouds-doanload-cnd.com |
|
| Details | Domain | 2 | microsoft-sback-server.com |
|
| Details | Domain | 1 | one-drive-ms.com |
|
| Details | Domain | 1 | owncloud-cdn.com |
|
| Details | Domain | 2 | cdn-onedrive-live.com |
|
| Details | Domain | 1 | office-en-service.com |
|
| Details | Domain | 3 | fidufagios.com |
|
| Details | Domain | 2 | onedrive-sdn.com |
|
| Details | Domain | 154 | urlscan.io |
|
| Details | File | 8 | page.url |
|
| Details | IPv4 | 2 | 169.239.128.11 |