Rewterz Threat Advisory – Shuckworm APT Group aka Armageddon – Active IOCs
Tags
country: Russia
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Template Injection - T1221 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID a6f5bb9a-478b-430b-a531-f26318350e6e
Fingerprint a63819b5bb957fa1
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 16, 2022, 1:56 p.m.
Added to db Oct. 24, 2023, 1:33 p.m.
Last updated Sept. 5, 2024, 1:58 a.m.
Headline Rewterz Threat Advisory – Shuckworm APT Group aka Armageddon – Active IOCs
Title Rewterz Threat Advisory – Shuckworm APT Group aka Armageddon – Active IOCs
Detected Hints/Tags/Attributes 40/2/6
Source URLs
Redirection Url
Details Redirection https://www.rewterz.com/rewterz-news/rewterz-threat-advisory-shuckworm-apt-group-aka-armageddon-active-iocs
Details Source https://www.rewterz.com/rewterz-news/rewterz-threat-advisory-shuckworm-apt-group-aka-armageddon-active-iocs/
URL Provider
Details Provider Source level domain
Details rewterz.com www.rewterz.com
Attributes
Details Type #Events CTI Value
Details CVE 34 
cve-2023-4516
Details CVE 36 
cve-2023-45208
Details Domain 2 
hilr.ru
Details md5 1 
731d0d62bbf5cde9fadf0ebcff7a9d91
Details sha1 1 
cf7a985db0e7c8c6f837f56efbfd0ed5ba0417e9
Details sha256 2 
3bdc2d69d7e1625913cf7a9802396b693004ad84a43ee9e57230d22679b46839