Targeted Surveillance Attacks in Uzbekistan: An Old Threat with New Techniques
Common Information
Type Value
UUID c2edeb68-f540-41fe-913f-f25cd52f259c
Fingerprint dd0089590810eec1
Analysis status DONE
Considered CTI value 0
Text language
Published March 12, 2020, 12:01 a.m.
Added to db Jan. 18, 2023, 10:47 p.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline Targeted Surveillance Attacks in Uzbekistan: An Old Threat with New Techniques
Title Targeted Surveillance Attacks in Uzbekistan: An Old Threat with New Techniques
Detected Hints/Tags/Attributes 91/3/53
Attributes
Details Type #Events CTI Value
Details Url 1
https://github.com/amnestytech/investigations/tree/master/2020-03-12_uzbekistan