腾讯安全2018年高级持续性威胁(APT)研究报告 - FreeBuf网络安全行业门户
Tags
Common Information
| Type | Value |
|---|---|
| UUID | a81a7521-d0d6-4f48-811f-3d9f32eeceb2 |
| Fingerprint | 3f4fbc86b6790fef |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Jan. 3, 2019, 10 a.m. |
| Added to db | April 15, 2023, 1:04 p.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | UNKNOWN |
| Title | 腾讯安全2018年高级持续性威胁(APT)研究报告 - FreeBuf网络安全行业门户 |
| Detected Hints/Tags/Attributes | 55/0/38 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.freebuf.com/articles/network/193420.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 106 | cve-2018-8174 |
|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | CVE | 58 | cve-2018-0798 |
|
| Details | CVE | 27 | cve-2018-8373 |
|
| Details | CVE | 92 | cve-2018-4878 |
|
| Details | CVE | 14 | cve-2018-5002 |
|
| Details | CVE | 32 | cve-2018-8120 |
|
| Details | Domain | 216 | www.symantec.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | Domain | 262 | www.welivesecurity.com |
|
| Details | Domain | 7 | gsec.hitb.org |
|
| Details | Domain | 177 | blog.trendmicro.com |
|
| Details | File | 1 | 白加黑组合包括dot1xtray.exe |
|
| Details | File | 1 | +rastls.dll |
|
| Details | File | 2 | softmanager.exe |
|
| Details | File | 1 | +dbghelp.dll |
|
| Details | File | 1 | 加载最终的由cobaltstrike生成的beacon.dll |
|
| Details | File | 1 | 如使用msfte.dll |
|
| Details | File | 1 | 和mstracer.dll |
|
| Details | File | 7 | copy.doc |
|
| Details | File | 2 | detail.doc |
|
| Details | File | 2 | senate.doc |
|
| Details | File | 2 | confidential.doc |
|
| Details | File | 18 | report.doc |
|
| Details | File | 2 | karim.pdf |
|
| Details | Threat Actor Identifier - APT-C | 79 | APT-C-23 |
|
| Details | Threat Actor Identifier - APT-C | 17 | APT-C-27 |
|
| Details | Threat Actor Identifier - APT | 132 | APT32 |
|
| Details | Threat Actor Identifier - APT | 665 | APT29 |
|
| Details | Threat Actor Identifier - APT | 258 | APT34 |
|
| Details | Threat Actor Identifier - APT | 277 | APT37 |
|
| Details | Threat Actor Identifier - FIN | 377 | FIN7 |
|
| Details | Url | 3 | https://www.symantec.com/blogs/threat-intelligence/gallmaker-attack-group |
|
| Details | Url | 3 | https://unit42.paloaltonetworks.com/unit42-gorgon-group-slithering-nation-state-cybercrime |
|
| Details | Url | 2 | https://www.welivesecurity.com/2018/11/20/oceanlotus-new-watering-hole-attack-southeast-asia |
|
| Details | Url | 2 | https://gsec.hitb.org/materials/sg2018/d1 |
|
| Details | Url | 1 | https://www.welivesecurity.com/2018/05/15/tale-two-zero-days |
|
| Details | Url | 1 | https://blog.trendmicro.com/trendlabs-security-intelligence/new-cve-2018-8373-exploit-spotted |