SunOrcal Adds GitHub and Steganography to its Repertoire, Expands to Vietnam and Myanmar
Tags
Common Information
| Type | Value |
|---|---|
| UUID | c8320819-b467-4537-aacf-fb2ccba23a5d |
| Fingerprint | ad2129d9afff83db |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 20, 2017, 3 a.m. |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | SunOrcal Adds GitHub and Steganography to its Repertoire, Expands to Vietnam and Myanmar |
| Title | SunOrcal Adds GitHub and Steganography to its Repertoire, Expands to Vietnam and Myanmar |
| Detected Hints/Tags/Attributes | 55/2/63 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4128 | github.com |
|
| Details | Domain | 1 | readme2.md |
|
| Details | Domain | 2 | www.weryhstui.com |
|
| Details | Domain | 1 | www.eyesfeel256.com |
|
| Details | Domain | 2 | www.olinaodi.com |
|
| Details | Domain | 2 | www.fyoutside.com |
|
| Details | Domain | 1 | www.outsidefly.com |
|
| Details | Domain | 1 | fyoutside.com |
|
| Details | Domain | 1 | www.flyoutside.com |
|
| Details | Domain | 1 | www.eyestouch256.com |
|
| Details | Domain | 2 | www.tashdqdxp.com |
|
| Details | File | 1 | updata.log |
|
| Details | File | 1 | sppsvc.txt |
|
| Details | File | 21 | sppsvc.exe |
|
| Details | File | 1 | dwm99.bmp |
|
| Details | File | 1 | dwm.dll |
|
| Details | File | 1 | mặt.doc |
|
| Details | File | 1 | humiliating.doc |
|
| Details | File | 1 | l1106.bmp |
|
| Details | File | 1 | %temp%\mstk.exe |
|
| Details | Github username | 1 | nordicmyth |
|
| Details | sha256 | 1 | 887aeccfb981266f1d47a68cba64de47a4945a63d3b1787294ac98842ff47ffd |
|
| Details | sha256 | 1 | 45eee0e7e41f5781577f7f380d90eb7145ab6ba9a8f64df31bb6fd3e72693f33 |
|
| Details | sha256 | 1 | e1d9cc6b5effa6a579801fb0d2fbfb700a50c916283dad205a7c88128376f098 |
|
| Details | sha256 | 1 | d5e5abae142139484089974cbcaae5ac76d88f25a42fb961d8018a3c63a2601c |
|
| Details | sha256 | 1 | 67ef25b0708e6c268d2cbd78d03141acfc9cf895b8422da69beb2ca598f2fcc7 |
|
| Details | sha256 | 1 | a13647468498dd7c95de7d168c926cf53eb01fbc262bf372790b47b704c44a04 |
|
| Details | sha256 | 1 | da0a0f940cc01f1e29304d860f144bde7a132d6e0abdec6588fac38875be248a |
|
| Details | sha256 | 2 | 81d887fefdbb0219647991c2b7bddf45c2fede4dc6fc18408f1706e0279615b2 |
|
| Details | sha256 | 1 | 840f55183809efa356cb1b7f4057f81e3752e7a6bcc1784f59551d988c690c48 |
|
| Details | sha256 | 1 | 58eac547fcba5572361daf4b49200f6d95114492ee296bc25542e8288e9542fa |
|
| Details | sha256 | 1 | 163a82ab3db709da8fef18de67b71b19f300253b285bccccbf9375857d96e4d6 |
|
| Details | sha256 | 1 | 49adaad1ecfaba2de15d5024656ad277b39fcfcc07683c04a205bbedb027a9a1 |
|
| Details | sha256 | 1 | 491eec8b0d6aaf3aaeef3d4d53f5b94be6d84ab081d0d8e9859347e3c3cf0acc |
|
| Details | sha256 | 1 | 48836912f48106e02ec0e083095fcf3a38cf871081e6cefbcd774e84168e8673 |
|
| Details | sha256 | 1 | 7288d5ae3c82cf3cda4815732edc144edb5ff728a5ecb0ba8caf76f7acde5488 |
|
| Details | sha256 | 1 | 0ea195e7927fb1d2d13c9b90da846f532be6924f8a2650c026c9105a297cce46 |
|
| Details | sha256 | 2 | 799139b5278dc2ac24279cc6c3db44f4ef0ea78ee7b721b0ace38fd8018c51ac |
|
| Details | sha256 | 2 | 58312fb742ce881e040e1b5b8555f00a402b8dd4fc886acaae2f862040b3bfc5 |
|
| Details | sha256 | 2 | 38ea33dab0ba2edd16ecd98cba161c550d1036b253c8666c4110d198948329fb |
|
| Details | sha256 | 2 | cb7c0cf1750baaa11783e93369230ee666b9f3da7298e4d1bb9a07af6a439f2f |
|
| Details | sha256 | 2 | d560f44188fb56d3abb11d9508e1167329470de19b811163eb1167534722e666 |
|
| Details | sha256 | 2 | 98eb5465c6330b9b49df2e7c9ad0b1164aa5b35423d9e80495a178eb510cdc1c |
|
| Details | sha256 | 2 | 05ddbd0506ec95fb460b3994e5b21cdb0418ba4aa406374ca1b91249349b7640 |
|
| Details | sha256 | 2 | 18ac3b14300ecfeed4b64a844c16dccb06b0e3513d0954d6c6182f2ea14e4c92 |
|
| Details | sha256 | 2 | c0f8bb77284b96e07cab1c3fab8800b1bbd030720c74628c4ee5666694ef903d |
|
| Details | sha256 | 2 | 9213f70bce491991c4cbbbd7dc3e67d3a3d535b965d7064973b35c50f265e59b |
|
| Details | sha256 | 2 | 26c234c73e2c3448589c7d4a0cf17f615ad3666541a4e611e2d8b77637205bcf |
|
| Details | sha256 | 2 | ae9f158e4886cfdbfb4f1b3b25707d05f6fd873d0be9d8e7334a2c28741228ee |
|
| Details | sha256 | 2 | 1fcda755e8fa23d27329e4bc0443a82e1c1e9a6c1691639db256a187365e4db1 |
|
| Details | sha256 | 2 | c906250e0a4c457663e37119ebe1efa1e4b97eef1d975f383ac3243f9f09908c |
|
| Details | sha256 | 2 | 1813f10bcf74beb582c824c64fff63cb150d178bef93af81d875ca84214307a1 |
|
| Details | sha256 | 1 | 992e4577807e57b691acdfbace2651efe18292d1020fa94b44ea365885c6ccf0 |
|
| Details | sha256 | 1 | 4dffdd62a11d7095960a9a6583173dde418dd1c42df1cb656eeb6edeecde3917 |
|
| Details | IPv4 | 17 | 192.168.1.104 |
|
| Details | IPv4 | 1441 | 127.0.0.1 |
|
| Details | IPv4 | 2 | 104.148.70.217 |
|
| Details | IPv4 | 2 | 98.126.156.210 |
|
| Details | IPv4 | 1 | 119.42.148.246 |
|
| Details | Url | 1 | https://github.com/nordicmyth/nordicmyth/blob/master/readme2.md |
|
| Details | Url | 1 | http://www.fyoutside.com/dwm99.bmp |
|
| Details | Url | 1 | http://www.fyoutside.com/l1106.bmp |
|
| Details | Windows Registry Key | 1 | HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\sppsvc |