Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region - SOC Prime
Tags
country: China North Korea Iran
attack-pattern: Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Web Shell - T1505.003 Tool - T1588.002 Powershell - T1086 Web Shell - T1100
Show in Graph
Common Information
Type Value
UUID c4e8280d-f6e2-4f3e-a7a9-aec08cb3f38e
Fingerprint 250d09c7aab7cd97
Analysis status DONE
Considered CTI value 1
Text language
Published Oct. 14, 2024, 12:19 p.m.
Added to db Oct. 14, 2024, 3:05 p.m.
Last updated Nov. 13, 2024, 7:21 p.m.
Headline Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region
Title Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region - SOC Prime
Detected Hints/Tags/Attributes 49/2/2
Source URLs
Redirection Url
Details Source https://socprime.com/blog/earth-simnavaz-aka-apt34-attack-detection/
URL Provider
Details Provider Source level domain
Details socprime.com socprime.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 237 SOC Prime https://socprime.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 45 
cve-2024-30088
Details Threat Actor Identifier - APT 258 
APT34