ioc[.]one - OSINT Cyber Threat Intelligence Database

The Chinese bootkit

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Bootkit - T1542.003 Server - T1583.004 Server - T1584.004 Software - T1592.002 Bootkit - T1067 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	700f869b-cb78-427d-81a3-029b1d76823a
Fingerprint	ae04184828efb295
Analysis status	DONE
Considered CTI value	0
Text language
Published	April 5, 2011, 3:09 p.m.
Added to db	Jan. 18, 2023, 10:24 p.m.
Last updated	Nov. 17, 2024, 6:49 p.m.
Headline	The Chinese bootkit
Title	The Chinese bootkit
Detected Hints/Tags/Attributes	24/2/6

Source URLs

	Redirection	Url
Details	Source	https://securelist.com/the-chinese-bootkit/29653/

URL Provider

Details	Provider	Source level domain
Details	securelist.com	securelist.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	67		360.cn
Details	File	1		fips.sys
Details	File	1260		explorer.exe
Details	File	1		tj.aspx
Details	IPv4	2		192.168.0.16
Details	Url	1		http://ab.*****.com:8081/tj.aspx?a=windows