Antiy Releases Retrospective Analysis Report on the “Equation Group” Attack on a Middle East SWIFT Service Provider
Common Information
Type Value
UUID 8f356960-d0a5-4240-8fec-7103e9027bab
Fingerprint 9330ff49fef9cfcf
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 1, 2010, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Nov. 17, 2024, 5:54 p.m.
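Headline Antiy Releases Retrospective Analysis Report on the “Equation Group” Attack on a Middle East SWIFT Service Provider
Title Antiy Releases Retrospective Analysis Report on the “Equation Group” Attack on a Middle East SWIFT Service Provider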
Detected Hints/Tags/Attributes 30/1/46
Attributes
Details Type #Events CTI Value
Details CVE 9
cve-2015-7755