Chinese Alloy Taurus Updates PingPull Malware
Tags
country: China Nepal Japan South Africa
attack-pattern: Data Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Timestomp - T1070.006 Web Shell - T1505.003 Tool - T1588.002 Timestomp - T1099 Web Shell - T1100
Show in Graph
Common Information
Type Value
UUID a6e244ce-69ae-4e74-b11b-f80ad5edf0ac
Fingerprint 3de83d910db56709
Analysis status DONE
Considered CTI value 2
Text language
Published April 26, 2023, 10 a.m.
Added to db June 5, 2023, 10:46 a.m.
Last updated Sept. 4, 2024, 6:19 a.m.
Headline Chinese Alloy Taurus Updates PingPull Malware
Title Chinese Alloy Taurus Updates PingPull Malware
Detected Hints/Tags/Attributes 75/2/9
Source URLs
Redirection Url
Details Source https://unit42.paloaltonetworks.com/alloy-taurus/
URL Provider
Details Provider Source level domain
Details paloaltonetworks.com unit42.paloaltonetworks.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 120 Unit 42 https://feeds.feedburner.com/Unit42 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 5 
yrhsywu2009.zapto.org
Details Domain 3 
saspecialforces.co
Details Domain 3 
vpn729380678.softether.net
Details sha256 2 
cb0922d8b130504bf9a3078743294791201789c5a3d7bc0369afd096ea15f0ae
Details sha256 2 
5ba043c074818fdd06ae1d3939ddfe7d3d35bab5d53445bc1f2f689859a87507
Details sha256 2 
e39b5c32ab255ad284ae6d4dae8b4888300d4b5df23157404d9c8be3f95b3253
Details IPv4 4 
196.216.136.139
Details IPv4 3 
5.181.25.99
Details IPv4 2 
45.251.241.82