Lancefly APT Hackers Using Custom Backdoor to Attack Government Orgs
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Dll Side-Loading - T1574.002 Dns - T1071.004 Dns - T1590.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Ssh - T1021.004 Tool - T1588.002 Vulnerabilities - T1588.006 Dll Side-Loading - T1073 Rootkit - T1014 Rootkit
Show in Graph
Common Information
Type Value
UUID 8491e624-9c5d-4346-9e8c-573f1d846313
Fingerprint 368580a2e1b38656
Analysis status DONE
Considered CTI value 2
Text language
Published May 17, 2023, 5:41 a.m.
Added to db May 17, 2023, 9:20 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Lancefly APT Hackers Using Custom Backdoor to Attack Government Orgs
Title Lancefly APT Hackers Using Custom Backdoor to Attack Government Orgs
Detected Hints/Tags/Attributes 44/2/7
Source URLs
Redirection Url
Details Source https://gbhackers.com/lancefly-apt-hackers/
URL Provider
Details Provider Source level domain
Details gbhackers.com gbhackers.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 162 https://media.cert.europa.eu/rss?type=category&id=APTFilter&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 7 
perfhost.exe
Details File 1122 
svchost.exe
Details File 3 
formdii.dll
Details File 7 
formdll.dll
Details Threat Actor Identifier - APT 66 
APT17
Details Threat Actor Identifier - APT 522 
APT41
Details Threat Actor Identifier - APT 297 
APT27