Rewterz Threat Alert – China-linked Group APT41 Targets Mobile Devices With New WyrmSpy and DragonEgg Spyware – Active IOCs
Common Information
Type Value
UUID bffc26dc-fb15-470b-be8f-54c34b75f84c
Fingerprint b6292d93ad456789
Analysis status DONE
Considered CTI value 2
Text language
Published July 24, 2023, 11:37 a.m.
Added to db Aug. 1, 2023, 2:02 p.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Rewterz Threat Alert – China-linked Group APT41 Targets Mobile Devices With New WyrmSpy and DragonEgg Spyware – Active IOCs
Title Rewterz Threat Alert – China-linked Group APT41 Targets Mobile Devices With New WyrmSpy and DragonEgg Spyware – Active IOCs
Detected Hints/Tags/Attributes 65/2/48
Attributes
Details Type #Events CTI Value
Details CVE 11
cve-2023-3446
Details Threat Actor Identifier - APT 522
APT41