Analysis of the APT Attack Launched Against China by Darkhotel (APT-C-06) Using the “Double Star” 0-Day Vulnerabilities (CVE-2019-17026, CVE-2020-0674)
Tags
Common Information
Type Value
UUID bcb77500-733f-4630-8583-0fa760bff653
Fingerprint 6f3ddafca745e936
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 11, 2020, midnight
Added to db Jan. 18, 2023, 7:39 p.m.
Last updated Nov. 17, 2024, 5:55 p.m.
Headline 360 Core Security Technology Blog
Title Analysis of the APT Attack Launched Against China by Darkhotel (APT-C-06) Using the “Double Star” 0-Day Vulnerabilities (CVE-2019-17026, CVE-2020-0674)
Detected Hints/Tags/Attributes 3/0/10
Attributes
Details Type #Events CTI Value
Details CVE 14
cve-2019-17026
Details CVE 43
cve-2020-0674
Details CVE 375
cve-2017-11882
Details Domain 84
www.mozilla.org
Details Domain 80
portal.msrc.microsoft.com
Details File 1
It first checks whether the current process is svchost.exe
Details File 2
It finds that the current process name is svchost.exe
Details Threat Actor Identifier - APT-C 24
APT-C-06
Details Url 3
https://www.mozilla.org/en-us/security/advisories/mfsa2020-03
Details Url 1
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2020-0674