Tick Group Weaponized Secure USB Drives to Target Air-Gapped Critical Systems
Tags
Common Information
| Type | Value |
|---|---|
| UUID | a0f0dd96-e99d-43c4-9b1a-6764c7e7a3ad |
| Fingerprint | a70419dbcd6ba381 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 22, 2018, 8 p.m. |
| Added to db | Jan. 16, 2023, 4:59 p.m. |
| Last updated | Aug. 31, 2024, 9:22 p.m. |
| Headline | Tick Group Weaponized Secure USB Drives to Target Air-Gapped Critical Systems |
| Title | Tick Group Weaponized Secure USB Drives to Target Air-Gapped Critical Systems |
| Detected Hints/Tags/Attributes | 67/2/14 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | pre.englandprevail.com |
|
| Details | File | 1 | %programfiles%\windows nt\accessories\microsoft\msxml.exe |
|
| Details | File | 1 | %userprofile%\applications\microsoft\msxml.exe |
|
| Details | sha256 | 1 | b1bb1d5f178b064eb1d7c9cc7cadcf8b3959a940c14cee457ce3aba5795660aa |
|
| Details | sha256 | 1 | 3227d1e39fc3bc842245ccdb16eeaadad3bcd298e811573b2e68ef2a7077f6f6 |
|
| Details | sha256 | 1 | 92e0d0346774127024c672cc7239dd269824a79e85b84c532128fd9663a0ce78 |
|
| Details | sha256 | 1 | 33665d93ab2a0262551c61ec9a3adca2c2b8dfea34e6f3f723274d88890f6ceb |
|
| Details | sha256 | 1 | 8549dcbdfc6885e0e7a1521da61352ef4f084d969dd30719166b47fdb204828a |
|
| Details | sha256 | 1 | 31aea8630d5d2fcbb37a8e72fe4e096d0f2d8f05e03234645c69d7e8b59bb0e8 |
|
| Details | sha256 | 1 | 019874898284935719dc74a6699fb822e20cdb8e3a96a7dc8ec4f625e3f1116e |
|
| Details | sha256 | 1 | ee8d025c6fea5d9177e161dbcedb98e871baceae33b7a4a12e9f73ab62bb0e38 |
|
| Details | sha256 | 1 | f817c9826089b49d251b8a09a0e9bf9b4b468c6e2586af60e50afe48602f0bec |
|
| Details | Windows Registry Key | 1 | HKLM\Software\Microsof\Windows\CurrentVersion\run |
|
| Details | Windows Registry Key | 1 | HKCU\Software\Microsof\Windows\CurrentVersion\run |