PlugXと攻撃者グループ "DragonOK"の関連性 | セキュリティ対策のラック
Tags
| attack-pattern: | Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | a87da7bf-f853-4b90-bd6a-ae23330ec903 |
| Fingerprint | fbaf0b45dbbbff3b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 18, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:31 a.m. |
| Last updated | Nov. 12, 2024, 11:49 a.m. |
| Headline | PlugXと攻撃者グループ "DragonOK"の関連性 |
| Title | PlugXと攻撃者グループ "DragonOK"の関連性 | セキュリティ対策のラック |
| Detected Hints/Tags/Attributes | 9/1/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.lac.co.jp/lacwatch/people/20171218_001445.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | php.marbletemps.com |
|
| Details | Domain | 1 | bbs.donkeyhaws.info |
|
| Details | Domain | 1 | http.donkeyhaws.info |
|
| Details | Domain | 1 | https.osakaintec.com |
|
| Details | 1 | jack.ondo@mail.com |
||
| Details | File | 33 | nslookup.exe |
|
| Details | File | 6 | mcoemcpy.exe |
|
| Details | File | 12 | mcutil.dll |
|
| Details | File | 1 | mlog.dat |
|
| Details | File | 8 | rastls.exe |
|
| Details | File | 20 | rastls.dll |
|
| Details | md5 | 1 | 97763d25af878d73d19deabe9ea2d564 |
|
| Details | md5 | 1 | 29cdae7dc2a7f7376a19e4de91b69c98 |
|
| Details | md5 | 1 | 58ba2c0ed39d5c874a4933677508f5cc |
|
| Details | IPv4 | 1 | 104.202.173.82 |
|
| Details | IPv4 | 1 | 206.161.218.49 |
|
| Details | IPv4 | 1 | 207.226.137.207 |
|
| Details | IPv4 | 1 | 118.193.163.133 |
|
| Details | IPv4 | 1 | 103.226.153.39 |