Operation DevilTiger:APT-Q-12 使用 0day 漏洞技战术披露
Tags
| attack-pattern: | Powershell - T1059.001 Rundll32 - T1218.011 Powershell - T1086 Rundll32 - T1085 |
Common Information
| Type | Value |
|---|---|
| UUID | 83383145-fbea-4855-8aea-511c570ea85a |
| Fingerprint | 23924324b7d10ae5 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 26, 2024, midnight |
| Added to db | Aug. 31, 2024, 9:21 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Operation DevilTiger:APT-Q-12 使用 0day 漏洞技战术披露 |
| Title | Operation DevilTiger:APT-Q-12 使用 0day 漏洞技战术披露 |
| Detected Hints/Tags/Attributes | 19/1/29 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 267 | ✔ | 奇安信威胁情报中心 | https://wechat2rss.xlab.app/feed/b93962f981247c0091dad08df5b7a6864ab888e9.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 5 | cve-2017-5070 |
|
| Details | Domain | 78 | bitbucket.org |
|
| Details | Domain | 14 | statcounter.com |
|
| Details | Domain | 3 | web-oauth.com |
|
| Details | Domain | 53 | blogs.blackberry.com |
|
| Details | File | 39 | image.png |
|
| Details | File | 2 | staticcache-system.dat |
|
| Details | File | 4 | oaqddi32.bmp |
|
| Details | File | 4 | 32.bmp |
|
| Details | File | 2 | 3wigyjvj.tmp |
|
| Details | File | 1 | bincheck.db |
|
| Details | File | 2 | 0o0o.apk |
|
| Details | md5 | 4 | 764c7b0cdc8a844dc58644a32773990e |
|
| Details | md5 | 4 | 59cd91c8ee6b9519c0da27d37a8a1b31 |
|
| Details | md5 | 4 | fa17ed2eabff8ac5fbbbc87f5446b9ca |
|
| Details | md5 | 4 | 71094ef9f2cf685e6c7d11fe310e5efb |
|
| Details | IPv4 | 4 | 82.118.27.129 |
|
| Details | Threat Actor Identifier - APT-Q | 15 | APT-Q-12 |
|
| Details | Threat Actor Identifier - APT-Q | 7 | APT-Q-11 |
|
| Details | Threat Actor Identifier - APT-Q | 7 | APT-Q-14 |
|
| Details | Threat Actor Identifier - APT-Q | 8 | APT-Q-15 |
|
| Details | Threat Actor Identifier - APT | 277 | APT37 |
|
| Details | Unknown Threat Group - UTG-Q | 4 | UTG-Q-005 |
|
| Details | Url | 4 | https://bitbucket.org/noelvisor/burdennetted/downloads/oaqddi32.bmp |
|
| Details | Url | 4 | https://bitbucket.org/poppedboy/bovrilchant/downloads/32.bmp |
|
| Details | Url | 4 | https://c.statcounter.com/12830663/0/0ee00a3c/1 |
|
| Details | Url | 4 | https://bitbucket.org/noelvisor/burdennetted/downloads |
|
| Details | Url | 2 | https://blogs.blackberry.com/en/2017/05/baijiu |
|
| Details | Url | 5 | https://ti.qianxin.com/blog/articles/operation-dragon-dance-the-sword-of-damocles-hanging-over-the-gaming-industry |