UNKNOWN
Tags
country: | Netherlands Pakistan Ukraine |
attack-pattern: | Botnet - T1583.005 Botnet - T1584.005 Tool - T1588.002 Rootkit - T1014 Rootkit |
Common Information
Type | Value |
---|---|
UUID | a96d8bf4-19ae-4157-b3a1-d4eb6099fdd3 |
Fingerprint | 7d251cc37fe01c5c |
Analysis status | IN_PROGRESS |
Considered CTI value | 0 |
Text language | |
Published | None |
Added to db | Dec. 20, 2024, 12:02 a.m. |
Last updated | Dec. 23, 2024, 2:25 a.m. |
Headline | UNKNOWN |
Title | UNKNOWN |
Detected Hints/Tags/Attributes | 48/2/54 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.secrss.com/articles/7530 |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 10 | cve-2017-12824 |
Details | CVE | 115 | cve-2018-8174 |
Details | CVE | 7 | cve-2007-5633 |
Details | CVE | 5 | cve-2010-1592 |
Details | CVE | 5 | cve-2009-0824 |
Details | CVE | 74 | cve-2017-8570 |
Details | CVE | 33 | cve-2018-8373 |
Details | Domain | 195 | www.securityweek.com |
Details | Domain | 127 | www.justice.gov |
Details | Domain | 71 | www.cyberscoop.com |
Details | Domain | 263 | unit42.paloaltonetworks.com |
Details | Domain | 1490 | twitter.com |
Details | Domain | 22 | ti.360.net |
Details | Domain | 95 | securityaffairs.co |
Details | Domain | 462 | securelist.com |
Details | Domain | 285 | blog.talosintelligence.com |
Details | Domain | 6752 | 163.com |
Details | File | 14 | msfte.dll |
Details | File | 6 | ntwdblib.dll |
Details | File | 1 | 初始loader程序将合法的windows库'scesrv.dll |
Details | File | 2 | overruled-containing-a-potentially-destructive-adversary.html |
Details | File | 3 | apt38-details-on-new-north-korean-regime-backed-threat-group.html |
Details | File | 1 | 5fc9c36b4cb81d4281599f0d3416931a.pdf |
Details | File | 1 | vpnfilter-botnet-doj.html |
Details | File | 8 | vpnfilter.html |
Details | md5 | 1 | 5fc9c36b4cb81d4281599f0d3416931a |
Details | Threat Actor Identifier - APT-C | 28 | APT-C-06 |
Details | Threat Actor Identifier - APT-C | 15 | APT-C-12 |
Details | Threat Actor Identifier - APT | 915 | APT28 |
Details | Threat Actor Identifier - APT | 178 | APT38 |
Details | Url | 2 | https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group |
Details | Url | 2 | https://www.securityweek.com/russia-hacked-olympics-computers-turned-blame-north-korea-report |
Details | Url | 7 | https://www.justice.gov/opa/press-release/file/1092091/download |
Details | Url | 2 | https://www.fireeye.com/blog/threat-research/2018/12/overruled-containing-a-potentially-destructive-adversary.html |
Details | Url | 2 | https://www.fireeye.com/blog/threat-research/2018/10/apt38-details-on-new-north-korean-regime-backed-threat-group.html |
Details | Url | 3 | https://www.cyberscoop.com/kaspersky-slingshot-isis-operation-socom-five-eyes |
Details | Url | 1 | https://www.bleepingcomputer.com/news/security/ukraine-says-it-stopped-a-vpnfilter-attack-on-a-chlorine-distillation-station |
Details | Url | 3 | https://unit42.paloaltonetworks.com/dear-joohn-sofacy-groups-global-campaign |
Details | Url | 1 | https://twitter.com/360tic/status/1078908533125443584 |
Details | Url | 1 | https://ti.360.net/uploads/2018/07/05/5fc9c36b4cb81d4281599f0d3416931a.pdf |
Details | Url | 1 | https://ti.360.net/blog/articles/oceanlotus-with-cve-2017-8570 |
Details | Url | 4 | https://ti.360.net/blog/articles/oceanlotus-targets-chinese-university |
Details | Url | 1 | https://ti.360.net/blog/articles/latest-sample-and-c2-mechanism-of-apt-c-12 |
Details | Url | 3 | https://ti.360.net/blog/articles/details-of-apt-c-12-of-operation-nuclearcrisis |
Details | Url | 3 | https://ti.360.net/blog/articles/analyzing-attack-of-cve-2018-8373-and-darkhotel |
Details | Url | 1 | https://ti.360.net/blog/articles/analysis-of-targeted-attack-against-pakistan-by-exploiting-inpage-vulnerability-and-related-apt-groups |
Details | Url | 1 | https://ti.360.net/blog/articles/analysis-of-darkhotel |
Details | Url | 2 | https://ti.360.net/blog/articles/analysis-of-apt-campaign-bitter |
Details | Url | 1 | https://securityaffairs.co/wordpress/72851/apt/vpnfilter-botnet-doj.html |
Details | Url | 1 | https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/shamoon-attackers-employ-new-tool-kit-to-wipe-infected-systems |
Details | Url | 1 | https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/malicious-document-targets-pyeongchang-olympics |
Details | Url | 1 | https://securelist.com/threats-in-the-netherlands/88185 |
Details | Url | 5 | https://securelist.com/apt-slingshot/84312 |
Details | Url | 8 | https://blog.talosintelligence.com/2018/05/vpnfilter.html |