APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Tags
country: South Korea Poland Slovakia
attack-pattern: Malicious Link - T1204.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 94a4fe35-4da9-4bbe-b24a-b3dface3e583
Fingerprint a46897ac8a3cfa47
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 28, 2024, 7:18 p.m.
Added to db Aug. 31, 2024, 6:26 a.m.
Last updated Nov. 17, 2024, 5:50 p.m.
Headline APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Title APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Detected Hints/Tags/Attributes 39/2/7
Source URLs
Redirection Url
Details Source https://thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
URL Provider
Details Provider Source level domain
Details thehackernews.com thehackernews.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 118 The Hacker News https://feeds.feedburner.com/TheHackersNews 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 32 
cve-2024-7262
Details CVE 17 
cve-2024-7263
Details Domain 1 
cradle.im
Details File 18 
promecefpluginhost.exe
Details File 12 
taskcontroler.dll
Details File 2 
pidgin-screenshare.dll
Details Threat Actor Identifier - APT-C 27 
APT-C-60