APT-C-28(ScarCruft)组织针对能源方向投放Rokrat后门活动分析
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 7c44b457-396e-4237-865e-63861b41dc41 |
| Fingerprint | 85f9fe3dd65ffd0d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 13, 2020, midnight |
| Added to db | July 13, 2023, 6 p.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | APT-C-28(ScarCruft)组织针对能源方向投放Rokrat后门活动分析 |
| Title | APT-C-28(ScarCruft)组织针对能源方向投放Rokrat后门活动分析 |
| Detected Hints/Tags/Attributes | 10/0/11 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 265 | ✔ | 360数字安全 | https://wechat2rss.xlab.app/feed/85e7bf4fe192ded1a15f130aa43ac306d227f61b.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 469 | www.cisa.gov |
|
| Details | Domain | 36 | www.volexity.com |
|
| Details | md5 | 1 | 85e71578ad7fea3c15095b6185b14881 |
|
| Details | md5 | 1 | 4D3464B23DD4FB141C8FCC4CBF541832 |
|
| Details | md5 | 1 | 7B7C43ED1EB6A423BDCFD0484FE560C3 |
|
| Details | md5 | 1 | 2C180BF7A1E6DBE84060C3B5AA53FEB7 |
|
| Details | md5 | 1 | 4FE698C235D03A271305DB8FFDAA9E36 |
|
| Details | Threat Actor Identifier - APT-C | 15 | APT-C-28 |
|
| Details | Url | 11 | https://api.onedrive.com/v1.0/shares/u |
|
| Details | Url | 1 | https://www.cisa.gov/news-events/analysis-reports/ar20-133d |
|
| Details | Url | 1 | https://www.volexity.com/blog/2021/08/24/north-korean-bluelight-special-inkysquid-deploys-rokrat |