Investigating the Actor Behind Operation Diplomatic Specter — TGR-STA-0043
Common Information
Type Value
UUID 981d32e7-f4bd-4280-8953-2babef83db36
Fingerprint 1de1019fa9b0969d
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 30, 2024, 1:49 a.m.
Added to db Oct. 30, 2024, 3:22 a.m.
Last updated Nov. 4, 2024, 2:20 a.m.
Headline Investigating the Actor Behind Operation Diplomatic Specter — TGR-STA-0043
Title Investigating the Actor Behind Operation Diplomatic Specter — TGR-STA-0043
Detected Hints/Tags/Attributes 74/1/25
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 167 Cybersecurity on Medium https://medium.com/feed/tag/cybersecurity 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 368
wscript.shell
Details Domain 1
govm.tk
Details Domain 1
update.microsoft-ns1.com
Details Domain 1
labour.govu.ml
Details Domain 1
api.microsoft-ns1.com
Details Domain 1
cloud.microsoft-ns1.com
Details Domain 1
home.microsoft-ns1.com
Details Domain 1
static.microsoft-ns1.com
Details File 124
w3wp.exe
Details File 11
scripting.dic
Details File 1
ixmldomelement.dat
Details File 1
iwshshell3.exe
Details sha256 1
22d556db39bde212e6dbaa154e9bcf57527e7f51fa2f8f7a60f6d7109b94048e
Details sha256 1
8198c8b5eaf43b726594df62127bcb1a4e0e46cf5cb9fa170b8d4ac2a4dad179
Details sha256 1
0f72e9eb5201b984d8926887694111ed09f28c87261df7aab663f5dc493e215f
Details sha256 1
0b980e7a5dd5df0d6f07aabd6e7e9fc2e3c9e156ef8c0a62a0e20cd23c333373
Details sha256 1
d5a44380e4f7c1096b1dddb6366713aa8ecb76ef36f19079087fc76567588977
Details sha256 1
62dec3fd2cdbc1374ec102d027f09423aa2affe1fb40ca05bf742f249ad7eb51
Details sha256 1
0e0b5c5c5d569e2ac8b70ace920c9f483f8d25aae7769583a721b202bcc0778f
Details IPv4 1
103.108.67.153
Details IPv4 1
103.149.90.235
Details IPv4 1
103.108.192.238
Details IPv4 1
194.14.217.34
Details IPv4 3
192.225.226.217
Details Threat Actor Identifier by Unit 42 7
CL-STA-0043