ioc[.]one - OSINT Cyber Threat Intelligence Database

奇安信威胁情报中心

Tags

country:	Afghanistan India
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Software - T1592.002 Vulnerabilities - T1588.006 Mshta - T1170

Show in Graph

Common Information

Type	Value
UUID	88c59f5d-46af-4af4-8db1-d9730295c9dd
Fingerprint	80a29819a8a70e19
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 21, 2023, midnight
Added to db	Dec. 16, 2024, 10:03 p.m.
Last updated	Dec. 18, 2024, 9:12 p.m.
Headline	UNKNOWN
Title	奇安信威胁情报中心
Detected Hints/Tags/Attributes	67/3/28

Source URLs

	Redirection	Url
Details	Source	https://ti.qianxin.com/blog/articles/Sidecopy-Group-Launches-Attacks-on-India-Using-a-New-Trojan-EN/

URL Provider

Details	Provider	Source level domain
Details	qianxin.com	ti.qianxin.com

Attributes

Details	Type	#Events	Value
Details	Domain	22	sandbox.ti.qianxin.com
Details	Domain	4	ssynergy.in
Details	Domain	5	cornerstonebeverly.org
Details	Domain	2	halterarks.co.uk
Details	Domain	266	blog.talosintelligence.com
Details	Domain	62	ti.qianxin.com
Details	File	64	nuxt.js
Details	File	2	saudi_delegation.zip
Details	File	498	mshta.exe
Details	File	9	prebothta.dll
Details	File	1	trex.exe
Details	File	2	sidecopy.html
Details	md5	2	6D724445E65B6407F26A5B0251FDD1E4
Details	md5	2	D663E977C079D338D47E937F7AFCFBB4
Details	md5	2	2C65DC705BA503261654AA40484A19E9
Details	md5	2	42A152594AF53012A3559BD7CDF99056
Details	md5	2	AC92A32AEE15421AB9E953B1836A691B
Details	md5	2	E62B5CC773A2240BBFA56B535076905F
Details	IPv4	6	209.126.81.42
Details	IPv4	2	185.136.161.129
Details	Url	53	https://sandbox.ti.qianxin.com/sandbox/page
Details	Url	2	https://ssynergy.in/wp-content/themes/twentytwentythree/assets/fonts/inter/delegation
Details	Url	2	https://cornerstonebeverly.org/js/files/docufentososo/doecumentosoneso
Details	Url	2	https://halterarks.co.uk/img/gallery/misc/files/html5-k
Details	Url	2	https://halterarks.co.uk/img/gallery/misc/files/jquery-k
Details	Url	2	https://blog.talosintelligence.com/2021/07/sidecopy.html
Details	Url	3	https://ti.qianxin.com/blog/articles/analysis-of-sidecopy-group
Details	Url	4	https://ti.qianxin.com/blog/articles/sidecopy-dual-platform-weapon