Analysis of APT28's targeted attacks on NATO and Central Asian targets using uncommon archive-format lures
Tags
maec-delivery-vectors: Watering Hole
Common Information
Type Value
UUID c1279a48-31ca-47a1-8e6f-551050dd2c8e
Fingerprint a5bde7e8f0975c8b
Analysis status DONE
Considered CTI value 2
Text language
Published July 31, 2062, midnight
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Analysis of APT28's targeted attacks on NATO and Central Asian targets using uncommon archive-format lures
Title Analysis of APT28's targeted attacks on NATO and Central Asian targets using uncommon archive-format lures
Detected Hints/Tags/Attributes 12/1/28
Attributes
Details Type #Events CTI Value
Details Domain 208
mp.weixin.qq.com
Details File 1
participation.pdf
Details File 3
temp.tmp
Details File 1
c:\users\purple\appdata\roaming\controller\scrssl.exe
Details File 2
then launches winword.exe
Details File 2
get-upd-id.php
Details File 1
aaf-progress.php
Details File 1
tleaw.php
Details IPv4 3
194.32.78.245
Details IPv4 1
185.205.209.172
Details IPv4 1
31.7.62.103
Details Threat Actor Identifier - APT-C 9
APT-C-20
Details Threat Actor Identifier - APT 783
APT28
Details Url 1
http://194.32.78.245//protect/get-upd-id.php
Details Url 1
http://185.205.209.172/sciencedirect/development/aaf-progress.php
Details Url 1
http://31.7.62.103/tleaw.php
Details Url 1
https://mp.weixin.qq.com/s/pe_6vrdk-2ati996sff0og