Wild Neutron – Economic espionage threat actor returns with new tricks
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 682b8cac-6930-4407-9390-a9bc9e784b9a |
| Fingerprint | b5341b51cdb325f1 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 8, 2015, 1:04 p.m. |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Nov. 12, 2024, 12:07 a.m. |
| Headline | Wild Neutron – Economic espionage threat actor returns with new tricks |
| Title | Wild Neutron – Economic espionage threat actor returns with new tricks |
| Detected Hints/Tags/Attributes | 114/3/104 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 2 | cve-2012-3213 |
|
| Details | Domain | 1 | www.iphonedevsdk.com |
|
| Details | Domain | 1 | min.liveanalytics.org |
|
| Details | Domain | 1 | fedoraforum.org |
|
| Details | Domain | 1 | expatforum.com |
|
| Details | Domain | 1 | mygsmindia.com |
|
| Details | Domain | 1 | forum.samdroid.net |
|
| Details | Domain | 1 | emiratesmac.com |
|
| Details | Domain | 1 | forums.kyngdvb.com |
|
| Details | Domain | 1 | community.flexispy.com |
|
| Details | Domain | 1 | ansar1.info |
|
| Details | Domain | 7 | eromang.zataz.com |
|
| Details | Domain | 1 | cryptomag.mediasource.ch |
|
| Details | Domain | 1 | app.cloudprotect.eu |
|
| Details | Domain | 1 | ssl.cloudprotect.eu |
|
| Details | Domain | 1 | secure.pdf-info.com |
|
| Details | Domain | 1 | find.a-job.today |
|
| Details | Domain | 20 | exploit.java |
|
| Details | Domain | 1 | logs.cloudprotect.eu |
|
| Details | Domain | 338 | kaspersky.com |
|
| Details | Domain | 1 | ddosprotected.eu |
|
| Details | Domain | 1 | updatesoft.eu |
|
| Details | Domain | 1 | fw.ddosprotected.eu |
|
| Details | Domain | 1 | ssl.updatesoft.eu |
|
| Details | Domain | 1 | adb.strangled.net |
|
| Details | Domain | 2 | digitalinsight-ltd.com |
|
| Details | Domain | 2 | ads.digitalinsight-ltd.com |
|
| Details | Domain | 2 | cache.cloudbox-storage.com |
|
| Details | Domain | 2 | cloudbox-storage.com |
|
| Details | Domain | 2 | clust12-akmai.net |
|
| Details | Domain | 2 | corp-aapl.com |
|
| Details | Domain | 2 | fb.clust12-akmai.net |
|
| Details | Domain | 2 | fbcbn.net |
|
| Details | Domain | 2 | img.digitalinsight-ltd.com |
|
| Details | Domain | 2 | jdk-update.com |
|
| Details | Domain | 1 | liveanalytics.org |
|
| Details | Domain | 2 | pop.digitalinsight-ltd.com |
|
| Details | Domain | 2 | ww1.jdk-update.com |
|
| Details | 147 | intelreports@kaspersky.com |
||
| Details | File | 1 | ansar1.inf |
|
| Details | File | 75 | favicon.ico |
|
| Details | File | 1 | msie9html5.jpg |
|
| Details | File | 1 | loader-large.gif |
|
| Details | File | 47 | min.css |
|
| Details | File | 1 | stats.js |
|
| Details | File | 1 | autoload.js |
|
| Details | File | 1 | banner.html |
|
| Details | File | 1 | bniqligx.swf |
|
| Details | File | 3 | background.jpg |
|
| Details | File | 4 | secure.pdf |
|
| Details | File | 20 | exploit.java |
|
| Details | File | 1 | igfxupt.exe |
|
| Details | File | 4 | javacpl.exe |
|
| Details | File | 1 | liveupdater.exe |
|
| Details | File | 7 | flashutil.exe |
|
| Details | File | 2 | rtlupd.exe |
|
| Details | File | 1 | updt.dat |
|
| Details | File | 1 | winrat-win32-release.exe |
|
| Details | File | 2 | ww1.jdk |
|
| Details | File | 1 | %appdata%\roaming\flashutil.exe |
|
| Details | File | 1 | %appdata%\roaming\acer\liveupdater.exe |
|
| Details | File | 1 | %appdata%\roaming\realtek\rtlupd.exe |
|
| Details | File | 1 | %programdata%\realtek\rtlupd.exe |
|
| Details | File | 1 | %appdata%\roaming\sqlite3.dll |
|
| Details | File | 1 | %windir%\winsession.dll |
|
| Details | File | 1 | %appdata%\appdata\local\temp\teamviewer\version9\update.exe |
|
| Details | File | 1 | %systemroot%\temp\_dbg.tmp |
|
| Details | File | 1 | %systemroot%\temp\ok.tmp |
|
| Details | File | 1 | c:\windows\temp\debug.txt |
|
| Details | File | 1 | c:\windows\syswow64\mshtaex.exe |
|
| Details | File | 1 | mshtaex.exe |
|
| Details | File | 1 | wdigestex.dll |
|
| Details | File | 1 | dpcore16t.dll |
|
| Details | File | 1 | iastor32.exe |
|
| Details | File | 1 | mspool.dll |
|
| Details | File | 1 | msvcse.exe |
|
| Details | File | 1 | mspool.exe |
|
| Details | File | 1 | lnrauth.dll |
|
| Details | File | 1 | lnrauthsvc.dll |
|
| Details | File | 1 | lnrupdt.exe |
|
| Details | File | 1 | lnrupdtp.exe |
|
| Details | md5 | 2 | 1582d68144de2808b518934f0a02bfd6 |
|
| Details | md5 | 1 | 14ba21a3a0081ef60e676fd4945a8bdc |
|
| Details | md5 | 1 | 0fa3657af06a8cc8ef14c445acd92c0f |
|
| Details | md5 | 1 | 95ffe4ab4b158602917dd2a999a8caf8 |
|
| Details | md5 | 1 | 342887a7ec6b9f709adcb81fef0d30a3 |
|
| Details | md5 | 1 | dee8297785b70f490cc00c0763e31b69 |
|
| Details | md5 | 1 | f0fff29391e7c2e7b13eb4a806276a84 |
|
| Details | md5 | 1 | 1f5f5db7b15fe672e8db091d9a291df0 |
|
| Details | md5 | 1 | 48319e9166cda8f605f9dce36f115bc8 |
|
| Details | md5 | 1 | 088472f712d1491783bbad87bcc17c48 |
|
| Details | md5 | 1 | ee24a7ad8d137e54b854095188de0bbf |
|
| Details | md5 | 1 | dbb0ea0436f70f2a178a60c4d8b791b3 |
|
| Details | IPv4 | 1 | 66.55.133.89 |
|
| Details | IPv4 | 1 | 185.10.58.181 |
|
| Details | IPv4 | 1 | 46.183.217.132 |
|
| Details | IPv4 | 1 | 217.23.6.13 |
|
| Details | IPv4 | 1 | 64.187.225.231 |
|
| Details | IPv4 | 1 | 62.113.238.104 |
|
| Details | Url | 1 | http://eromang.zataz.com/2013/02/20/facebook-apple-twitter-watering-hole-attack-additional-informations/. |
|
| Details | Url | 1 | http://eromang.zataz.com/2013/03/24/osx-pintsized-backdoor-additional-details/. |
|
| Details | Url | 1 | http://cryptomag.mediasource.ch |
|
| Details | Url | 1 | http://find.a-job.today/. |
|
| Details | Url | 1 | https://app.cloudprotect.eu:443 |