Threat Hunting Case Study: Uncovering Turla
Tags
cmtmf-attack-pattern: Masquerading
country: Russia
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Match Legitimate Name Or Location - T1036.005 Match Legitimate Name Or Location - T1655.001 Tool - T1588.002 Masquerading - T1036 Masquerading
Show in Graph
Common Information
Type Value
UUID 942b14b9-e47e-4a3f-9d7e-a9263b741516
Fingerprint f40d0b91ad95d4c3
Analysis status DONE
Considered CTI value 1
Text language
Published Nov. 11, 2024, midnight
Added to db Nov. 12, 2024, 1:04 a.m.
Last updated Nov. 17, 2024, 6:55 p.m.
Headline Threat Hunting Case Study: Uncovering Turla
Title Threat Hunting Case Study: Uncovering Turla
Detected Hints/Tags/Attributes 61/3/6
Source URLs
Redirection Url
Details Source https://intel471.com/blog/threat-hunting-case-study-uncovering-turla
URL Provider
Details Provider Source level domain
Details intel471.com intel471.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 138 Intel471 https://intel471.com/blog/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 81 
werfault.exe
Details File 61 
1.bat
Details File 16 
2.bat
Details File 5 
3.bat
Details File 249 
schtasks.exe
Details MITRE ATT&CK Techniques 183 
T1036.005