SideWinder APT IOCs - SEC-1275-1
Tags
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 |
Common Information
| Type | Value |
|---|---|
| UUID | b61bd48d-e79a-4606-9d78-4764173d94a4 |
| Fingerprint | 6d57ad9757c2d17b |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 16, 2024, midnight |
| Added to db | Oct. 16, 2024, 8:21 a.m. |
| Last updated | Nov. 17, 2024, 5:55 p.m. |
| Headline | SideWinder APT IOCs |
| Title | SideWinder APT IOCs - SEC-1275-1 |
| Detected Hints/Tags/Attributes | 10/1/167 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://1275.ru/ioc/5420/sidewinder-apt-iocs-2/?mtm_campaign=rss |
URL Provider
| Details | Provider | Source level domain |
|---|---|---|
| Details | 1275.ru | 1275.ru |
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 8 | ✔ | Архивы IOC - SEC-1275-1 | https://1275.ru/ioc/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | Domain | 3 | 126-com.live |
|
| Details | Domain | 3 | 163inc.com |
|
| Details | Domain | 4 | afmat.tech |
|
| Details | Domain | 3 | alit.live |
|
| Details | Domain | 3 | aliyum.tech |
|
| Details | Domain | 4 | aliyumm.tech |
|
| Details | Domain | 3 | asyn.info |
|
| Details | Domain | 4 | ausibedu.org |
|
| Details | Domain | 4 | bol-south.org |
|
| Details | Domain | 3 | cnsa-gov.org |
|
| Details | Domain | 3 | colot.info |
|
| Details | Domain | 4 | comptes.tech |
|
| Details | Domain | 3 | condet.org |
|
| Details | Domain | 3 | conft.live |
|
| Details | Domain | 4 | dafpak.org |
|
| Details | Domain | 3 | decoty.tech |
|
| Details | Domain | 4 | defenec.net |
|
| Details | Domain | 4 | defpak.org |
|
| Details | Domain | 3 | detru.info |
|
| Details | Domain | 4 | dgps-govpk.co |
|
| Details | Domain | 4 | dgps-govpk.com |
|
| Details | Domain | 3 | dinfed.co |
|
| Details | Domain | 2 | dirctt88.co |
|
| Details | Domain | 3 | dirctt88.net |
|
| Details | Domain | 3 | direct88.co |
|
| Details | Domain | 3 | direct888.net |
|
| Details | Domain | 3 | directt888.com |
|
| Details | Domain | 3 | donwloaded.com |
|
| Details | Domain | 3 | donwloaded.net |
|
| Details | Domain | 3 | donwload-file.com |
|
| Details | Domain | 4 | dowmload.net |
|
| Details | Domain | 4 | downld.net |
|
| Details | Domain | 3 | downloadabledocx.com |
|
| Details | Domain | 4 | download-file.net |
|
| Details | Domain | 4 | dynat.tech |
|
| Details | Domain | 3 | dytt88.org |
|
| Details | Domain | 3 | e1ix.mov |
|
| Details | Domain | 3 | e1x.tech |
|
| Details | Domain | 4 | fia-gov.com |
|
| Details | Domain | 4 | fia-gov.net |
|
| Details | Domain | 4 | gov-govpk.info |
|
| Details | Domain | 4 | govpk.info |
|
| Details | Domain | 3 | govpk.net |
|
| Details | Domain | 3 | grouit.tech |
|
| Details | Domain | 3 | gtrec.info |
|
| Details | Domain | 3 | healththebest.com |
|
| Details | Domain | 3 | jmicc.xyz |
|
| Details | Domain | 3 | kernet.info |
|
| Details | Domain | 3 | kretic.info |
|
| Details | Domain | 3 | lforvk.com |
|
| Details | Domain | 4 | mfacom.org |
|
| Details | Domain | 3 | mfa-gov.info |
|
| Details | Domain | 3 | mfa-gov.net |
|
| Details | Domain | 4 | mfagov.org |
|
| Details | Domain | 4 | mfa-govt.net |
|
| Details | Domain | 3 | mfas.pro |
|
| Details | Domain | 3 | mitlec.site |
|
| Details | Domain | 4 | mod-gov-pk.live |
|
| Details | Domain | 3 | mofa.email |
|
| Details | Domain | 3 | mofagovs.org |
|
| Details | Domain | 3 | moittpk.net |
|
| Details | Domain | 4 | moittpk.org |
|
| Details | Domain | 3 | mshealthcheck.live |
|
| Details | Domain | 3 | nactagovpk.org |
|
| Details | Domain | 3 | navy-mil.co |
|
| Details | Domain | 3 | newmofa.com |
|
| Details | Domain | 4 | newoutlook.live |
|
| Details | Domain | 3 | nopler.live |
|
| Details | Domain | 3 | ntcpak.live |
|
| Details | Domain | 3 | ntcpak.org |
|
| Details | Domain | 4 | ntcpk.info |
|
| Details | Domain | 3 | ntcpk.net |
|
| Details | Domain | 4 | numpy.info |
|
| Details | Domain | 3 | numzy.net |
|
| Details | Domain | 3 | nventic.info |
|
| Details | Domain | 3 | office-drive.live |
|
| Details | Domain | 3 | pafgovt.com |
|
| Details | Domain | 4 | paknavy-gov.org |
|
| Details | Domain | 4 | paknavy-govpk.info |
|
| Details | Domain | 4 | paknavy-govpk.net |
|
| Details | Domain | 3 | pdfrdr-update.com |
|
| Details | Domain | 3 | pdfrdr-update.info |
|
| Details | Domain | 3 | pmd-office.com |
|
| Details | Domain | 3 | pmd-office.live |
|
| Details | Domain | 3 | pmd-office.org |
|
| Details | Domain | 3 | ptcl-net.com |
|
| Details | Domain | 3 | scrabt.tech |
|
| Details | Domain | 3 | shipping-policy.info |
|
| Details | Domain | 3 | sjfu-edu.co |
|
| Details | Domain | 3 | support-update.info |
|
| Details | Domain | 2 | tazze.co |
|
| Details | Domain | 3 | tex-ideas.info |
|
| Details | Domain | 4 | tni-mil.com |
|
| Details | Domain | 3 | tsinghua-edu.tech |
|
| Details | Domain | 3 | tumet.info |
|
| Details | Domain | 3 | u1x.co |
|
| Details | Domain | 3 | ujsen.net |
|
| Details | Domain | 4 | update-govpk.co |
|
| Details | Domain | 3 | updtesession.online |
|
| Details | Domain | 3 | widge.info |
|
| Details | File | 2 | asyn.inf |
|
| Details | File | 2 | colot.inf |
|
| Details | File | 2 | detru.inf |
|
| Details | File | 2 | e1ix.mov |
|
| Details | File | 2 | gov-govpk.inf |
|
| Details | File | 2 | govpk.inf |
|
| Details | File | 2 | gtrec.inf |
|
| Details | File | 2 | kernet.inf |
|
| Details | File | 2 | kretic.inf |
|
| Details | File | 2 | mfa-gov.inf |
|
| Details | File | 2 | ntcpk.inf |
|
| Details | File | 2 | numpy.inf |
|
| Details | File | 2 | nventic.inf |
|
| Details | File | 2 | paknavy-govpk.inf |
|
| Details | File | 2 | pdfrdr-update.inf |
|
| Details | File | 2 | shipping-policy.inf |
|
| Details | File | 2 | support-update.inf |
|
| Details | File | 2 | tex-ideas.inf |
|
| Details | File | 2 | tumet.inf |
|
| Details | File | 2 | widge.inf |
|
| Details | md5 | 3 | 0fbb71525d65f0196a9bfbffea285b18 |
|
| Details | md5 | 3 | 101a63ecdd8c68434c665bf2b1d3ffc7 |
|
| Details | md5 | 3 | 1be93704870afd0b22a4475014f199c3 |
|
| Details | md5 | 3 | 1c36177ac4423129e301c5a40247f180 |
|
| Details | md5 | 3 | 1ed7ad166567c46f71dc703e55d31c7a |
|
| Details | md5 | 3 | 2011658436a7b04935c06f59a5db7161 |
|
| Details | md5 | 3 | 26aa30505d8358ebeb5ee15aecb1cbb0 |
|
| Details | md5 | 3 | 2f0e150e3d6dbb1624c727d1a641e754 |
|
| Details | md5 | 3 | 2f4ba98dcd45e59fca488f436ab13501 |
|
| Details | md5 | 3 | 3233db78e37302b47436b550a21cdaf9 |
|
| Details | md5 | 3 | 3a036a1846bfeceb615101b10c7c910e |
|
| Details | md5 | 3 | 3a6916192106ae3ac7e55bd357bc5eee |
|
| Details | md5 | 3 | 3ede84d84c02aa7483eb734776a20dea |
|
| Details | md5 | 3 | 412b6ac53aeadb08449e41dccffb1abe |
|
| Details | md5 | 3 | 423e150d91edc568546f0d2f064a8bf1 |
|
| Details | md5 | 3 | 44dbdd87b60c20b22d2a7926ad2d7bea |
|
| Details | md5 | 3 | 47f51c7f31ab4a0d91a0f4c07b2f99d7 |
|
| Details | md5 | 3 | 4a5e818178f9b2dc48839a5dbe0e3cc1 |
|
| Details | md5 | 3 | 4c40fcb2a12f171533fc070464db96d1 |
|
| Details | md5 | 3 | 515d2d6f91ba4b76847301855dfc0e83 |
|
| Details | md5 | 3 | 54aadadcf77dec53b2566fe61b034384 |
|
| Details | md5 | 3 | 5718c0d69939284ce4f6e0ce580958df |
|
| Details | md5 | 3 | 5cc784afb69c153ab325266e8a7afaf4 |
|
| Details | md5 | 3 | 6cf6d55a3968e2176db2bba2134bbe94 |
|
| Details | md5 | 3 | 7e97cbf25eef7fc79828c033049822af |
|
| Details | md5 | 3 | 8202209354ece5c53648c52bdbd064f0 |
|
| Details | md5 | 3 | 86eeb037f5669bff655de1e08199a554 |
|
| Details | md5 | 3 | 873079cd3e635adb609c38af71bad702 |
|
| Details | md5 | 3 | 8d7c43913eba26f96cd656966c1e26d5 |
|
| Details | md5 | 3 | 8e8b61e5fb6f6792f2bee0ec947f1989 |
|
| Details | md5 | 3 | 8f83d19c2efc062e8983bce83062c9b6 |
|
| Details | md5 | 3 | 92dd91a5e3dfb6260e13c8033b729e03 |
|
| Details | md5 | 3 | b3650a88a50108873fc45ad3c249671a |
|
| Details | md5 | 3 | b69867ee5b9581687cef96e873b775ff |
|
| Details | md5 | 3 | bf16760ee49742225fdb2a73c1bd83c7 |
|
| Details | md5 | 3 | c3ce4094b3411060928143f63701aa2e |
|
| Details | md5 | 3 | c87eb71ff038df7b517644fa5c097eac |
|
| Details | md5 | 3 | d0d1fba6bb7be933889ace0d6955a1d7 |
|
| Details | md5 | 3 | d885df399fc9f6c80e2df0c290414c2f |
|
| Details | md5 | 3 | e1bdfa55227d37a71cdc248dc9512296 |
|
| Details | md5 | 3 | e706fc65f433e54538a3dbb1c359d75f |
|
| Details | md5 | 3 | ea4b3f023bac3ad1a982cace9a6eafc3 |
|
| Details | md5 | 3 | eef9c0a9e364b4516a83a92592ffc831 |
|
| Details | md5 | 3 | f3058ac120a2ae7807f36899e27784ea |
|
| Details | md5 | 3 | f840c721e533c05d152d2bc7bf1bc165 |
|
| Details | Threat Actor Identifier by Tencent | 27 | T-APT-04 |