ioc[.]one - OSINT Cyber Threat Intelligence Database

Chinese Threat Actors Targeting Europe in SmugX Campaign - Check Point Research

Tags

country:	China El Salvador France Hungary Suriname
attack-pattern:	Data Direct Html Smuggling - T1027.006 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	b9179fff-2e31-419b-bcb1-684237b52ec3
Fingerprint	24d58991b337878d
Analysis status	DONE
Considered CTI value	2
Text language
Published	July 3, 2023, 9:46 a.m.
Added to db	Oct. 24, 2023, 1:18 p.m.
Last updated	Nov. 16, 2024, 11:18 a.m.
Headline	Chinese Threat Actors Targeting Europe in SmugX Campaign
Title	Chinese Threat Actors Targeting Europe in SmugX Campaign - Check Point Research
Detected Hints/Tags/Attributes	70/2/63

Source URLs

	Redirection	Url
Details	Source	https://research.checkpoint.com/2023/chinese-threat-actors-targeting-europe-in-smugx-campaign/

URL Provider

Details	Provider	Source level domain
Details	checkpoint.com	research.checkpoint.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	204	✔	Check Point Research	https://research.checkpoint.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	4	www.jcswcd.com
Details	Domain	9	tmp.zip
Details	Domain	228	system.io
Details	Domain	35	apt.win
Details	Domain	3	jcswcd.com
Details	Domain	3	newsmailnet.com
Details	File	3	un.docx
Details	File	9	tmp.zip
Details	File	2	robotaskbaricon.exe
Details	File	2	passwordgenerator.exe
Details	File	2	roboform.dll
Details	File	22	data.dat
Details	File	1	c:\users\user\appdata\local\temp\tmp.zip
Details	File	1	relex.pdf
Details	File	24	update.bat
Details	File	12	win.pl
Details	sha256	2	edb5d4b454b6c7d3abecd6de7099e05575b8f28bb09dfc364e45ce8c16a34fcd
Details	sha256	2	736451c2593bc1601c52b45c16ad8fd1aec56f868eb3bba333183723dea805af
Details	sha256	2	0e4b81e04ca77762be2afb8bd451abb2ff46d2831028cde1c5d0ec45199f01a1
Details	sha256	2	989ede1df02e4d9620f6caf75a88a11791d156f62fdea4258e12d972df76bc05
Details	sha256	2	10cad59ea2a566597d933b1e8ba929af0b4c7af85481eacaab708ef4ddf6e0ee
Details	sha256	3	c96723a68fc939c835578ff746f7d4c5371cb82a9c0dffe360bb656acea4d6e1
Details	sha256	2	9ce5abd02d397689d99f62dfbd2a6a396876c6629cb5db453f1dcbbc3465ac9a
Details	sha256	2	5f751fb287db51f79bb6df2e330a53b6d80ef3d2af93f09bb786b62e613514db
Details	sha256	2	baca1159acc715545a787d522950117eae5b7dc65efacfe86383f62e6b9b59d3
Details	sha256	2	720a70ca6ee1fbaf06c7cb60d14e27391130407e34e13a092d19f1df2c9c6d05
Details	sha256	3	460c459db77c5625ed1c029b2dd6c6eae5e631b81a169494fb0182d550769f76
Details	sha256	2	277390cc50e00f52e76a6562e6e699b0345497bd1df26c7c41bd56da5b6d1347
Details	sha256	2	3c6ace055527877778d989f469a5a70eb5ef7700375b850f0b1b8414151105ee
Details	sha256	2	27a61653ce4e503334413cf80809647ce5dca02ff4aea63fb3a39bc62c9c258c
Details	sha256	3	ce308b538ff3a0be0dbcee753db7e556a54b4aeddbddd0c03db7126b08911fe2
Details	sha256	2	fd0711a50c8af1dbc5c7ba42b894b2af8a2b03dd7544d20f5a887c93b9834429
Details	sha256	2	3489955d23e66d6f34b3ada70b4d228547dbb3ccb0f6c7282553cbbdeaf168cb
Details	sha256	2	04b99518502774deb4a9d9cf6b54d43ff8f333d8ec5b4b230c0e995542bb2c61
Details	sha256	2	bd3881964e351a7691bfc7e997e8a2c8ce4a8e26b79e3712d0cbdc484a5646b6
Details	sha256	2	ea2869424df2ffbb113017d95ae48ae8ed9897280fd21b26e046c75b3e43b25a
Details	sha256	3	b00c252a60171f33e32e64891ffe826b8a45f8816acf778838d788897213a405
Details	sha256	2	2bc30ced135acd6a506cfb557734407f21b70fecd2f645c5b938e14199b24f1e
Details	sha256	2	0d13a503d86a6450f71408eb82a196718324465744bf6b8c4e0a780fd5be40c0
Details	sha256	2	0bdfb922a39103658195d1d37ff584d24f7bd88464e7a119e86d6e3579958cc1
Details	sha256	2	a0879dd439c7f1ed520aad0c309fe1dbf1a2fc41e2468f4174489a0ec56c47c7
Details	sha256	2	bddbc529f23ab6b865bc750508403ef57c8cf77284d613d030949bd37078d880
Details	sha256	2	4547914e17c127d9b53bbc9d44de0e5b867f1a86d2e5ede828cd3188ed7fe838
Details	sha256	2	0032d5430f1b5fcfb6a380b4f1d226b6b919f2677340503f04df04235409b2d0
Details	sha256	2	62c2e246855d589eb1ec37a9f3bcc0b6f3ba9946532aff8a39a4dc9d3a93f42c
Details	sha256	2	f7d35cb95256513c07c262d4b03603e073e58eb4cd5fa9aac1e04ecc6e870d42
Details	sha256	2	bf4f8a5f75e9e5ecd752baa73abddd37b014728722ac3d74b82bffa625bf09b5
Details	sha256	2	8a6ef9aa3f0762b03f983a1e53e8c731247273aafa410ed884ecd4c4e02c7db8
Details	sha256	2	ec3e491a831b4057fc0e2ebe9f43c32f1f07959b6430b323d35d6d409d2b31e4
Details	sha256	2	bf8e512921522e49d16c638dc8d01bd0a2803a4ef019afbfc2f0941875019ea1
Details	sha256	2	ba55542c6fa12865633d6d24f4a81bffd512791a6e0a9b77f6b17a53e2216659
Details	sha256	2	8ea34b85dd4fb64f7e6591e4f1c24763fc3421caa7c0f0d8350c67b9bafa4d32
Details	sha256	2	8cac6dfb2a894ff3f530c29e79dcd37810b4628279b9570a34f7e22bd4d416b3
Details	sha256	2	ea5825fa1f39587a88882e87064caae9dd3b79f02438dc3a229c5b775b530c7d
Details	sha256	2	1acb061ce63ee8ee172fbdf518bd261ef2c46d818ffd4b1614db6ce3daa5a885
Details	sha256	2	08661f40f40371fc8a49380ad3d57521f9d0c2aa322ae4b0a684b27e637aed12
Details	sha256	2	324bfb2f414be221e24aaa9fb22cb49e4d4c0904bd7c203afdff158ba63fe35b
Details	IPv4	3	62.233.57.136
Details	IPv4	5	45.134.83.29
Details	IPv4	3	45.90.58.69
Details	IPv4	3	217.12.207.164
Details	IPv4	3	152.152.12.12
Details	Url	3	https://www.jcswcd.com/?wd=cqyahznz