Threat Group Uses Voice Changing Software in Espionage Attempt - Cado Security | Cloud Investigation
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 99b53fbb-28d7-4569-b2e8-ba13cd503916 |
| Fingerprint | ff42931889fa8cc9 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 6, 2021, 6:45 p.m. |
| Added to db | April 15, 2023, 12:57 p.m. |
| Last updated | Nov. 17, 2024, 5:55 p.m. |
| Headline | Threat Group Uses Voice Changing Software in Espionage Attempt |
| Title | Threat Group Uses Voice Changing Software in Espionage Attempt - Cado Security | Cloud Investigation |
| Detected Hints/Tags/Attributes | 66/3/58 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | 88.zip |
|
| Details | Domain | 1 | 00.zip |
|
| Details | Domain | 1 | www.hotmiali.com |
|
| Details | Domain | 57 | www.clearskysec.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 15 | blog.lookout.com |
|
| Details | Domain | 247 | www.virusbulletin.com |
|
| Details | Domain | 22 | ddanchev.blogspot.com |
|
| Details | Domain | 8 | www.timesofisrael.com |
|
| Details | Domain | 2 | mslove.mypressonline.com |
|
| Details | Domain | 1 | postmail.website |
|
| Details | Domain | 2 | israanews.zz.com.ve |
|
| Details | Domain | 2 | adamnews.for.ug |
|
| Details | Domain | 2 | martnews.aba.ae |
|
| Details | Domain | 2 | fateh.aba.ae |
|
| Details | Domain | 2 | mmksba100.linkpc.net |
|
| Details | Domain | 2 | new2019.mine.nu |
|
| Details | Domain | 2 | webhoptest.webhop.info |
|
| Details | Domain | 1 | mmksba.simple-url.com |
|
| Details | Domain | 2 | mmksba.dyndns.org |
|
| Details | Domain | 1 | formore.for-more.biz |
|
| Details | Domain | 194 | drive.google.com |
|
| Details | File | 1 | 88.zip |
|
| Details | File | 6 | 00.zip |
|
| Details | File | 1 | recon.exe |
|
| Details | File | 1 | البحث.txt |
|
| Details | File | 1 | method.txt |
|
| Details | File | 1 | pingips.exe |
|
| Details | File | 2 | dustysky_tlp_white.pdf |
|
| Details | File | 1 | finkelsteinkayal-vb2018-aptc23.pdf |
|
| Details | File | 1 | exposing-yet-another-currently-active.html |
|
| Details | File | 3 | 2019.exe |
|
| Details | File | 1 | circulating.exe |
|
| Details | File | 1 | safaratt.exe |
|
| Details | sha256 | 1 | b6a31f6c12c2a51b507be44ce14b39728e38a63392b0f327dbbc4b71785d6148 |
|
| Details | sha256 | 1 | 7d3386e0659e1a7be0588b2401c9f8b54831be4d131b9ee89d43b98361331364 |
|
| Details | sha256 | 1 | 3c9f7f5ca27cb2c376a70d0aa2bd19b2008702e7c03c0802d8b9140fa712390e |
|
| Details | sha256 | 1 | 03d82852bbb28d1740e50206e7726c006b9b984a8309e2f203e65a67d7d3bcad |
|
| Details | sha256 | 1 | ed7e46b0cf27b8f728cdd71a7c4ae98afde8d2e63f0817eb322c8e77bdd767c5 |
|
| Details | sha256 | 1 | e15a9edb83570ecf5a77db28ee365a9498f522eab3c89d6dce4b9644571e9344 |
|
| Details | sha256 | 1 | e04869dc0ad21a83279655bff6ac4d78262269c94766198e7e947beb99c13025 |
|
| Details | sha256 | 1 | cab92dd0d3fea724edd141f5cc5ebc5758a10acead18c238a0b8cb747a991f8c |
|
| Details | sha256 | 1 | 94b95524fe91cba52371bd41a81be4643458fe4402401ab10699005254de1c5d |
|
| Details | sha256 | 1 | 367853e84f366ca08a437e10fda28dae42f3863af359736c46f018dac0c529be |
|
| Details | sha256 | 1 | 01b9d12713708ea911df3798eed67a5ae682b474c7390a0f7053791c479c8ed1 |
|
| Details | sha256 | 1 | 3853e0bf00d6dbfc574bc0564f0c90b93a66d644dd4dc8b8c00564f0b6edf581 |
|
| Details | sha256 | 1 | b767d0e9892cf7b554e74bc7d0d26d64a3262959763ddc0efd525abc2addc375 |
|
| Details | Threat Actor Identifier - APT-C | 79 | APT-C-23 |
|
| Details | Url | 1 | https://www.hotmiali.com/master/login/login |
|
| Details | Url | 1 | https://www.clearskysec.com/wp-content/uploads/2016/01/operation |
|
| Details | Url | 2 | https://unit42.paloaltonetworks.com/unit42-targeted-attacks-middle-east-using-kasperagent-micropsia |
|
| Details | Url | 4 | https://blog.lookout.com/frozencell-mobile-threat |
|
| Details | Url | 1 | https://www.virusbulletin.com/uploads/pdf/conference_slides/2018/finkelsteinkayal-vb2018-aptc23.pdf |
|
| Details | Url | 1 | https://ddanchev.blogspot.com/2019/05/exposing-yet-another-currently-active.html |
|
| Details | Url | 2 | https://www.clearskysec.com/glancelove |
|
| Details | Url | 1 | https://web.archive.org/web/20170311074704/https://www.idfblog.com/2017/01/11/hamas-fake-facebook-profiles-target-israeli-soldiers |
|
| Details | Url | 1 | https://www.timesofisrael.com/idf-hamas-hacked-soldiers-phones-by-posing-as-pretty-girls |
|
| Details | Url | 1 | https://drive.google.com/uc?export=download&id=1czc93fsqdhxvupjnsvfeshiie6gsozx7 |