Rewterz Threat Alert – Bitter APT Targets Organizations in South Asia - Rewterz
Tags
| cmtmf-attack-pattern: | Data Manipulation |
| country: | China Pakistan |
| attack-pattern: | Data Manipulation - T1641 Data Manipulation - T1565 Malware - T1587.001 Malware - T1588.001 Social Media - T1593.001 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 70936e74-082b-4b05-a7c7-b9f79a99a557 |
| Fingerprint | c1b2bd527e558f4d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 15, 2020, 5:48 p.m. |
| Added to db | Dec. 19, 2024, 4:16 a.m. |
| Last updated | Dec. 20, 2024, 8:23 p.m. |
| Headline | Rewterz Threat Alert – Bitter APT Targets Organizations in South Asia |
| Title | Rewterz Threat Alert – Bitter APT Targets Organizations in South Asia - Rewterz |
| Detected Hints/Tags/Attributes | 30/3/31 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 6 | cve-2020-12516 |
|
| Details | Domain | 4 | pichostfrm.net |
|
| Details | md5 | 2 | f6b250aff0e2f5b592a6753c4fdb4475 |
|
| Details | md5 | 3 | f4daf0eccf9972bdefb79fbf9f7fb6ee |
|
| Details | md5 | 3 | a39aa2ecbbb50c97727503e23ce7b8c6 |
|
| Details | md5 | 2 | 99dd93a189fd734fb00246a7a37014d3 |
|
| Details | md5 | 2 | 806626d6e7a283efffb53b3831d53346 |
|
| Details | md5 | 5 | 660a678cd7202475cf0d2c48b4b52bab |
|
| Details | md5 | 3 | 25a16b0fca9acd71450e02a341064c8d |
|
| Details | md5 | 2 | 1475df569f8a31e49a659c6d9764ae93 |
|
| Details | sha1 | 1 | c663870d693af2ca04f8c8c5861c4b92b8cdd932 |
|
| Details | sha1 | 1 | c65a902b61e6158fa453b3bbdd81c57739383d63 |
|
| Details | sha1 | 1 | ccb1f082d2539ee9e2ba5f7a69d0d2fb26644f91 |
|
| Details | sha1 | 1 | 829785ea04587bb60003819c8919fed842216a83 |
|
| Details | sha1 | 1 | 820f205b40462d50bf1889410eb8b712256eab15 |
|
| Details | sha1 | 1 | a0c4ee924cd2a57e1b62b722c3b89a05ffc74663 |
|
| Details | sha1 | 2 | 826334eb7990950f7e154d2494cc12437723aad2 |
|
| Details | sha1 | 1 | 40f9a260eafd137b068a536053fe9db97114f348 |
|
| Details | sha256 | 1 | 08fdd8642b657afe39b6023efb85ed3c9c7c349c75e68d2424417fe40e36d22e |
|
| Details | sha256 | 1 | 78b16177d8c5b2e06622688a9196ce7452ca1b25a350daae8c4f12c2e415065c |
|
| Details | sha256 | 1 | c42865e79497dbba80cfd806e0d3dc58769212fca2f9e82620029503b6ef7d8a |
|
| Details | sha256 | 1 | b2d7336f382a22d5fb6899fc2bd87c7cd401451ecd6af8ccb9ea7dbbe62fc1b7 |
|
| Details | sha256 | 1 | 76494e3c71c44b3586f65e678c0d42b06c94396596159dacb9c3b65bd8edab66 |
|
| Details | sha256 | 1 | d957239ba4d314e47de9748e77a229f4f969f55b3fcf54a096e7971c7f1bab7d |
|
| Details | sha256 | 2 | 26b3c9a5077232c1bbb5c5b4fc5513e3e0b54a735c32ae90a6d6c1e1d7e4cc0f |
|
| Details | sha256 | 1 | 6cb0c0a2f89d1e82653d2b0dd1389007543616d11f0709ff194a4db2d36865f7 |
|
| Details | IPv4 | 4 | 82.221.136.27 |
|
| Details | IPv4 | 3 | 72.11.134.216 |
|
| Details | IPv4 | 3 | 162.0.229.203 |
|
| Details | Threat Actor Identifier - APT-C | 118 | APT-C-23 |
|
| Details | Threat Actor Identifier - APT-C | 28 | APT-C-08 |