Netskope Threat Coverage: WhisperGate
Tags
| cmtmf-attack-pattern: | Masquerading |
| country: | Ukraine |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Cloud Services - T1021.007 Defacement - T1491 Installutil - T1218.004 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Installutil - T1118 Masquerading - T1036 Powershell - T1086 Masquerading |
Common Information
| Type | Value |
|---|---|
| UUID | acc103ed-2dd3-47b5-94a5-670c30f35614 |
| Fingerprint | 822c0e812eaf8792 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 26, 2022, 9:20 p.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 15, 2024, 12:42 p.m. |
| Headline | Netskope Threat Coverage: WhisperGate |
| Title | Netskope Threat Coverage: WhisperGate |
| Detected Hints/Tags/Attributes | 49/4/7 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.netskope.com/blog/netskope-threat-coverage-whispergate |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | win32.network |
|
| Details | Domain | 27 | gen.malware.detect.by |
|
| Details | File | 12 | tbopbh.jpg |
|
| Details | File | 9 | nmddfrqqrbyjeygggda.vbs |
|
| Details | File | 11 | advancedrun.exe |
|
| Details | File | 83 | installutil.exe |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 51 | DEV-0586 |