ioc[.]one - OSINT Cyber Threat Intelligence Database

Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack | Mandiant

Tags

attack-pattern:

Data Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	84ea9c8c-26b8-482a-9a32-78e584053bd3
Fingerprint	b49101f5b8adc5f1
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 18, 2015, midnight
Added to db	Nov. 6, 2023, 7:10 p.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack
Title	Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack \| Mandiant
Detected Hints/Tags/Attributes	45/1/8

Source URLs

	Redirection	Url
Details	Source	https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
Details	Source	https://www.mandiant.com/resources/blog/probable-apt28-useo

URL Provider

Details	Provider	Source level domain
Details	fireeye.com	www.fireeye.com
Details	mandiant.com	www.mandiant.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	330	✔	Threat Intelligence	https://www.mandiant.com/resources/blog/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	11		cve-2015-3043
Details	CVE	37		cve-2015-1701
Details	CVE	20		cve-2014-0515
Details	Domain	1		ssl-icloud.com
Details	IPv4	2		17.0.0.134
Details	IPv4	3		87.236.215.246
Details	IPv4	1		87.236.215.0
Details	Threat Actor Identifier - APT	783		APT28