ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – Evasive Panda APT Delivers MgBot Malware To Target International NGOs In Mainland China – Active IOCs

Tags

country:	China
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Adversary-In-The-Middle - T1638 Adversary-In-The-Middle - T1557 Clipboard Data - T1414 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Clipboard Data - T1115 Third-Party Software - T1072

Show in Graph

Common Information

Type	Value
UUID	961d8900-e497-4238-9654-dddb17c44978
Fingerprint	84291db182017fcc
Analysis status	DONE
Considered CTI value	2
Text language
Published	April 28, 2023, 8:33 a.m.
Added to db	May 2, 2023, 11:20 a.m.
Last updated	Sept. 5, 2024, 1:36 a.m.
Headline	Rewterz Threat Alert – Evasive Panda APT Delivers MgBot Malware To Target International NGOs In Mainland China – Active IOCs
Title	Rewterz Threat Alert – Evasive Panda APT Delivers MgBot Malware To Target International NGOs In Mainland China – Active IOCs
Detected Hints/Tags/Attributes	60/3/15

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-evasive-panda-apt-delivers-mgbot-malware-to-target-international-ngos-in-mainland-china-active-iocs/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	365	✔	—	https://www.rewterz.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	5		qqurlmgr.exe
Details	md5	1		f553ea019b79742eabcbacd387231623
Details	md5	1		ae5d92ef69074050a822f6669fe267b6
Details	md5	1		07df8d223f8a370cd703d177d7e93a36
Details	md5	1		889a7ae42fb44390ab99af071dd3d6b0
Details	sha1	1		970babe49945b98efada72b2314b25a008f75843
Details	sha1	1		22532a8c8594cd8a3294e68ceb56accf37a613b3
Details	sha1	1		9d1ecbbe8637fed0d89fca1af35ea821277ad2e8
Details	sha1	1		0781a2b6eb656d110a3a8f60e8bce9d407e4c4ff
Details	sha256	1		174a62201c7e2af67b7ad37bf7935f064a379f169cf257ca16e912a46ecc9841
Details	sha256	1		d9eec27bf827669cf13bfdb7be3fdb0fdf05a26d5b74adecaf2f0a48105ae934
Details	sha256	1		2c0cfe2f4f1e7539b4700e1205411ec084cbc574f9e4710ecd4733fbf0f8a7dc
Details	sha256	1		ee6a3331c6b8f3f955def71a6c7c97bf86ddf4ce3e75a63ea4e9cd6e20701024
Details	IPv4	1		122.10.88.226
Details	IPv4	1		122.10.90.12