Stellar Discovery of A New Cluster of Andromeda/Gamarue C2
Tags
Common Information
Type | Value |
---|---|
UUID | bae6721b-bca1-4d32-bdcc-fe4e81a9ad24 |
Fingerprint | c40f09497c31a7d3 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Jan. 1, 2024, midnight |
Added to db | Dec. 3, 2024, 4:21 p.m. |
Last updated | Dec. 18, 2024, 2:15 p.m. |
Headline | Stellar Discovery of A New Cluster of Andromeda/Gamarue C2 |
Title | Stellar Discovery of A New Cluster of Andromeda/Gamarue C2 |
Detected Hints/Tags/Attributes | 115/3/65 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.cybereason.com/blog/new-cluster-andromeda-gamrue-c2 |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 290 | ✔ | Blog | https://www.cybereason.com/blog/rss.xml | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | File | 1053 | | rundll32.exe |
Details | File | 132 | | c:\windows\system32\rundll32.exe |
Details | File | 198 | | desktop.ini |
Details | File | 7 | | c:\windows\system32\davclnt.dll |
Details | File | 1152 | | svchost.exe |
Details | File | 16 | | trustedinstaller.exe |
Details | File | 1 | | huzevusuqig.exe |
Details | File | 1 | | zomofeqitiya.exe |
Details | File | 1 | | googlechrome.exe |
Details | File | 1 | | c:\googlechrome\googlechrome.exe |
Details | File | 14 | | c:\windows\system32\netsh.exe |
Details | File | 289 | | msiexec.exe |
Details | File | 1 | | yrlzxqewyluakjqqbyw.exe |
Details | File | 1 | | avrhhcsmqfqykluwjiije.exe |
Details | File | 1 | | gegxworgwbz.exe |
Details | File | 1 | | afllv.exe |
Details | File | 1 | | xhsxmwbkdh.exe |
Details | File | 1 | | spis_twist_1_0_1_4.exe |
Details | File | 1 | | files_1.exe |
Details | File | 1 | | spis_catting_1_0_1_8.bat |
Details | File | 6 | | files.exe |
Details | File | 1 | | spis_catting.exe |
Details | Mandiant Uncategorized Groups | 17 | | UNC4210 |
Details | MITRE ATT&CK Techniques | 56 | | T1091 |
Details | MITRE ATT&CK Techniques | 385 | | T1204.002 |
Details | MITRE ATT&CK Techniques | 60 | | T1055.001 |
Details | MITRE ATT&CK Techniques | 721 | | T1059 |
Details | MITRE ATT&CK Techniques | 32 | | T1547.009 |
Details | MITRE ATT&CK Techniques | 186 | | T1543.003 |
Details | MITRE ATT&CK Techniques | 128 | | T1129 |
Details | MITRE ATT&CK Techniques | 35 | | T1036.003 |
Details | MITRE ATT&CK Techniques | 165 | | T1027.002 |
Details | MITRE ATT&CK Techniques | 558 | | T1112 |
Details | MITRE ATT&CK Techniques | 59 | | T1036.004 |
Details | MITRE ATT&CK Techniques | 467 | | T1071.001 |
Details | Threat Actor Identifier - APT | 291 | | APT10 |