Deep-dive: The DarkHotel APT
Tags
Common Information
| Type | Value |
|---|---|
| UUID | c37e5576-57f4-4fee-973b-73abbea86a83 |
| Fingerprint | 9f389ddb8fb79582 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 14, 2020, 2:17 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | @BushidoToken Threat Intel |
| Title | Deep-dive: The DarkHotel APT |
| Detected Hints/Tags/Attributes | 123/3/41 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.bushidotoken.net/2020/06/deep-dive-darkhotel-apt.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 106 | cve-2018-8174 |
|
| Details | CVE | 27 | cve-2018-8373 |
|
| Details | CVE | 34 | cve-2019-1458 |
|
| Details | CVE | 12 | cve-2019-13720 |
|
| Details | CVE | 14 | cve-2019-17026 |
|
| Details | CVE | 43 | cve-2020-0674 |
|
| Details | CVE | 63 | cve-2017-8570 |
|
| Details | CVE | 375 | cve-2017-11882 |
|
| Details | CVE | 27 | cve-2019-1367 |
|
| Details | Domain | 5 | nknews.org |
|
| Details | Domain | 5 | sigs.py |
|
| Details | Domain | 55 | otx.alienvault.com |
|
| Details | Domain | 96 | malpedia.caad.fkie.fraunhofer.de |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 42 | tencent.com |
|
| Details | Domain | 1373 | twitter.com |
|
| Details | Domain | 138 | www.securityweek.com |
|
| Details | Domain | 397 | www.microsoft.com |
|
| Details | Domain | 262 | www.welivesecurity.com |
|
| Details | Domain | 20 | blogs.360.cn |
|
| Details | Domain | 81 | blog.malwarebytes.com |
|
| Details | File | 5 | sigs.py |
|
| Details | File | 1 | 1000.html |
|
| Details | File | 2 | 741.html |
|
| Details | File | 1 | apt_darkhotel_attacks_during_coronavirus_pandemic.html |
|
| Details | Threat Actor Identifier - APT-C | 24 | APT-C-06 |
|
| Details | Threat Actor Identifier by NSA | 6 | SIG25 |
|
| Details | Url | 1 | https://otx.alienvault.com/browse/pulses?q=darkhotel |
|
| Details | Url | 1 | https://malpedia.caad.fkie.fraunhofer.de/actor/darkhotel |
|
| Details | Url | 3 | https://securelist.com/the-darkhotel-apt/66779 |
|
| Details | Url | 2 | https://securelist.com/the-zero-day-exploits-of-operation-wizardopium/97086 |
|
| Details | Url | 1 | https://s.tencent.com/research/report/1000.html |
|
| Details | Url | 2 | https://s.tencent.com/research/report/741.html |
|
| Details | Url | 1 | https://twitter.com/reddrip7/status/1247737928953946112 |
|
| Details | Url | 1 | https://twitter.com/reddrip7/status/1222887262234394624 |
|
| Details | Url | 1 | https://www.securityweek.com/darkhotel-apt-uses-hacking-team-exploit-target-specific-systems |
|
| Details | Url | 1 | https://www.securityweek.com/darkhotel-apt-uses-new-methods-target-politicians |
|
| Details | Url | 1 | https://www.microsoft.com/security/blog/2016/06/09/reverse-engineering-dubnium-2/3/?source=mmpc |
|
| Details | Url | 1 | https://www.welivesecurity.com/2020/05/13/ramsay-cyberespionage-toolkit-airgapped-networks |
|
| Details | Url | 1 | http://blogs.360.cn/post/apt_darkhotel_attacks_during_coronavirus_pandemic.html |
|
| Details | Url | 2 | https://blog.malwarebytes.com/threat-analysis/2020/06/higaisa |