Earth Preta Spear-Phishing Governments Worldwide
Tags
cmtmf-attack-pattern: Masquerading
country: Australia Malaysia China Japan Myanmar Philippines Taiwan
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct Email Account - T1087.003 Email Accounts - T1585.002 Email Accounts - T1586.002 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Phishing - T1660 Phishing - T1566 Rundll32 - T1218.011 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Masquerading - T1036 Rundll32 - T1085 Masquerading
Show in Graph
Common Information
Type Value
UUID 8210cefa-18d9-4b69-9b88-7998e5cd8def
Fingerprint bd04992b87b98fc9
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 18, 2022, midnight
Added to db Nov. 18, 2022, 7:49 p.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Earth Preta Spear-Phishing Governments Worldwide
Title Earth Preta Spear-Phishing Governments Worldwide
Detected Hints/Tags/Attributes 103/4/34
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_us/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_us/research/22/k/earth-preta-spear-phishing-governments-worldwide.html?&web_view=true
Details Source https://www.trendmicro.com/en_ph/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_th/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_hk/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_nl/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_ie/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_ca/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_dk/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_ae/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_se/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_id/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_gb/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_be/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_no/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
Details Source https://www.trendmicro.com/en_fi/research/22/k/earth-preta-spear-phishing-governments-worldwide.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 119 Trend Micro Research, News and Perspectives https://feeds.feedburner.com/TrendMicroSimplySecurity 2024-08-30 22:08
Details 162 https://media.cert.europa.eu/rss?type=category&id=APTFilter&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 194 
drive.google.com
Details File 5 
china.exe
Details File 40 
libcef.dll
Details File 5 
win32.pub
Details File 6 
adobe_licensing_wf_helper.exe
Details File 2 
c:\users\public\pictures\adobe_wf.exe
Details File 2 
c:\users\public\pictures\libcef.dll
Details File 2 
05-09-2022.docx
Details File 55 
putty.exe
Details File 3 
cefbrowser.dll
Details File 4 
desktop.rar
Details File 47 
winrar.exe
Details File 1 
pputty.exe
Details File 3 
appxupdate.exe
Details File 3 
taiwan.rar
Details File 2 
taiwan.exe
Details File 2 
20220817.docx
Details File 2 
15-8-2022.docx
Details File 2127 
cmd.exe
Details File 1018 
rundll32.exe
Details File 185 
shell32.dll
Details File 2 
c:\\users\\public\\libraries\\graphics\\adobelicensing.exe
Details File 249 
schtasks.exe
Details File 2 
裴洛西訪台後民意匯總.rar
Details File 3 
testwindowstorehost.exe
Details File 2 
points.docx
Details File 3 
crime.rar
Details sha256 2 
521662079c1473adb59f2d7134c8c1d76841f2a0f9b9e6e181aa54df25715a09
Details sha256 1 
770d5b60d8dc0f32941a6b530c9598df92a7ec76b60309aa8648f9b3a3f3cca5
Details sha256 2 
09fc8bf9e2980ebec1977a8023e8a2940e6adb5004f48d07ad34b71ebf35b877
Details IPv4 3 
98.142.251.29
Details Url 2 
https://drive.google.com/uc?id=gdrive_file_id&export=download
Details Url 2 
https://drive.google.com/file/d/gdrive_file_id/view.
Details Windows Registry Key 188 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run