Copy cat of APT Sidewinder ?
Tags
| country: | Afghanistan India Pakistan |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | a1436210-d290-49d4-8af7-1fc7fbe9c094 |
| Fingerprint | c12f14185cf7cd05 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | July 9, 2019, noon |
| Added to db | Jan. 16, 2023, 4:56 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Copy cat of APT Sidewinder ? |
| Title | Copy cat of APT Sidewinder ? |
| Detected Hints/Tags/Attributes | 36/3/28 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://medium.com/@Sebdraven/copy-cat-of-apt-sidewinder-1893059ca68d |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 87 | app.any.run |
|
| Details | Domain | 1 | vidyasagaracademybrg.in |
|
| Details | Domain | 4128 | github.com |
|
| Details | File | 33 | duser.dll |
|
| Details | File | 1 | itstr.exe |
|
| Details | File | 2 | form_main.pas |
|
| Details | File | 1 | c:\programdata\dsk\credwiz.exe |
|
| Details | File | 1 | c:\programdata\dsk\duser.dll |
|
| Details | File | 1 | c:\users\admin\appdata\local\temp\windows cleaner\itstr.exe |
|
| Details | Github username | 2 | grampinha |
|
| Details | md5 | 1 | 7af11efe4454dab75ad2338124be149d |
|
| Details | sha1 | 1 | 2848db54d87006714309ce6a1c4ce92e5a29aab7 |
|
| Details | sha256 | 1 | 3a0950b425b60c2e8be38ed1307d5817513a934dac2fed75fad820dd66a4b244 |
|
| Details | sha256 | 2 | 17eabfb88a164aa95731f198bd69a7285cc7f64acd7c289062cd3979a4a2f5bf |
|
| Details | sha256 | 1 | 709d548a42500b15db4b171711a31a2ab227f508f60d4cde670b2b9081ce56af |
|
| Details | sha256 | 1 | 26ca6af15ff8273733a6a386a482357256ac4373a8641e486fb646bc9c525afa |
|
| Details | IPv4 | 2 | 167.86.116.39 |
|
| Details | IPv4 | 1 | 143.95.251.24 |
|
| Details | Url | 1 | https://twitter.com/timele9527/status/1147750939576586244 |
|
| Details | Url | 1 | https://app.any.run/tasks/487b8762-997a-4d68-9072-1111b99967cf |
|
| Details | Url | 1 | https://www.facebook.com/197655951060181/posts/httpwwwvidyasagaracademybrgindefaultaspx/197663174392792 |
|
| Details | Url | 1 | https://github.com/grampinha/allakore_remote |
|
| Details | Url | 2 | https://github.com/grampinha/allakore_remote/blob/master/source/client/form_main.pas |
|
| Details | Url | 1 | http://vidyasagaracademybrg.in/scripts/lnk/comm |
|
| Details | Url | 1 | http://vidyasagaracademybrg.in/scripts/am |
|
| Details | Url | 1 | http://vidyasagaracademybrg.in/scripts/lnk/comm/comm.hta |
|
| Details | Url | 1 | http://vidyasagaracademybrg.in/scripts/am/am_cy_167.hta |