A Deep Dive into Brute Ratel C4 payloads – CYBER GEEKS
Tags
| country: | China |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Parent Pid Spoofing - T1134.004 Parent Pid Spoofing - T1502 Software - T1592.002 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | b34106dd-c017-4e26-b85d-bdfe20ad6d7e |
| Fingerprint | ad2cbd1b292b2a91 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Aug. 31, 2023, midnight |
| Added to db | Aug. 31, 2024, 2:31 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | A Deep Dive into Brute Ratel C4 payloads |
| Title | A Deep Dive into Brute Ratel C4 payloads – CYBER GEEKS |
| Detected Hints/Tags/Attributes | 42/2/12 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://cybergeeks.tech/a-deep-dive-into-brute-ratel-c4-payloads/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 91 | ✔ | CYBER GEEKS | https://cybergeeks.tech/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | deloitte.com.cn |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 224 | unit42.paloaltonetworks.com |
|
| Details | 2 | trial@deloitte.com.cn |
||
| Details | File | 13 | content.php |
|
| Details | Github username | 19 | mandiant |
|
| Details | sha256 | 3 | d71dc7ba8523947e08c6eec43a726fe75aed248dfd3a7c4f6537224e9ed05f6f |
|
| Details | IPv4 | 2 | 45.77.172.28 |
|
| Details | Url | 9 | https://docs.microsoft.com/en-us/windows/win32/api |
|
| Details | Url | 3 | https://github.com/mandiant/flare-fakenet-ng |
|
| Details | Url | 3 | https://unit42.paloaltonetworks.com/brute-ratel-c4-tool |