Rewterz Threat Alert – APT28 FancyBear Group – Active IOCs
Tags
country: Hong Kong Mongolia Myanmar Taiwan United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Powershell - T1086 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID c2d39638-684c-41c5-91b0-bc6eff013d93
Fingerprint e623a1b5ab01cfcc
Analysis status DONE
Considered CTI value 2
Text language
Published May 3, 2023, 7:09 a.m.
Added to db May 9, 2023, 9:20 a.m.
Last updated Nov. 17, 2024, 6:54 p.m.
Headline Rewterz Threat Alert – APT28 FancyBear Group – Active IOCs
Title Rewterz Threat Alert – APT28 FancyBear Group – Active IOCs
Detected Hints/Tags/Attributes 47/3/14
Source URLs
Redirection Url
Details Source https://www.rewterz.com/rewterz-news/rewterz-threat-alert-apt28-fancybear-group-active-iocs/
URL Provider
Details Provider Source level domain
Details rewterz.com www.rewterz.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 365 https://www.rewterz.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 102 
cve-2021-40444
Details Domain 6 
run.mocky.io
Details Domain 13 
mockbin.org
Details File 1 
1e88179a-3105-4a5c-9eb3-aebea36e9c21.ps1
Details File 1 
niso55.ps1
Details md5 1 
d5ab587aaa4bf24d17ab42179b798b10
Details md5 1 
66ee3445486859eee2d36028a1a64bb9
Details sha1 1 
b27311413076be38dd8a115061edda9cd0ba51b3
Details sha1 1 
cd3dc8f564131f20401c97c1feba7c452b7691e7
Details sha256 1 
e6d3217f89dc53f97989f05188b19f090dbbe1510a17c31398bcfeafa2fe7cba
Details sha256 1 
f1b937bdd6c3fac6dfde33bec229c378bdce92b4e736afec4084c98a899ef295
Details Threat Actor Identifier - APT 783 
APT28
Details Url 1 
https://run.mocky.io/v3/1e88179a-3105-4a5c-9eb3-aebea36e9c21
Details Url 1 
http://mockbin.org/bin/e8bfd045-2b14-4afc-9372-b723f7d76918