NetTraveler APT Gets a Makeover for 10th Birthday
Common Information
Type Value
UUID 802a8ef9-f3c1-468b-b6e2-707b8052c53f
Fingerprint 50b56a85ed500215
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 27, 2014, 11 a.m.
Added to db Jan. 18, 2023, 10:23 p.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline NetTraveler APT Gets a Makeover for 10th Birthday
Title NetTraveler APT Gets a Makeover for 10th Birthday
Detected Hints/Tags/Attributes 48/3/31
Attributes