ioc[.]one - OSINT Cyber Threat Intelligence Database

Eager Beaver: A Short Overview of the Restless Threat Actor TA505

Tags

cmtmf-attack-pattern:	Geofencing
country:	Canada Germany South Korea Russia
maec-delivery-vectors:	Watering Hole
attack-pattern:	Domains - T1583.001 Domains - T1584.001 Geofencing - T1627.001 Geofencing - T1581 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Connection Proxy - T1090

Show in Graph

Common Information

Type	Value
UUID	b8885b3f-408f-4b4d-8aa7-2b63569f419d
Fingerprint	34610dd10305c7c1
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 6, 2020, 3 p.m.
Added to db	Sept. 11, 2022, 12:40 p.m.
Last updated	Nov. 17, 2024, 5:54 p.m.
Headline	Eager Beaver: A Short Overview of the Restless Threat Actor TA505
Title	Eager Beaver: A Short Overview of the Restless Threat Actor TA505
Detected Hints/Tags/Attributes	79/4/10

Source URLs

	Redirection	Url
Details	Source	https://www.telekom.com/en/blog/group/article/eager-beaver-a-short-overview-of-the-restless-threat-actor-ta505-609546

URL Provider

Details	Provider	Source level domain
Details	telekom.com	www.telekom.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	1		cve-2020-14002
Details	Domain	4		t-systems.com
Details	Domain	1		onedrives-live.com
Details	Domain	95		ip-api.com
Details	Email	2		security-info@t-systems.com
Details	File	1		angebot_09082020_xxx.xls
Details	File	1		str_join1.dll
Details	md5	1		bc59fa5dbb11f5d286fc41e8f25c6cc0
Details	Threat Actor Identifier - APT	144		APT38
Details	Url	12		http://ip-api.com/json