QiAnXin Threat Intelligence Center
Tags
country: | Ukraine |
attack-pattern: | Botnet - T1583.005; Botnet - T1584.005; Malware - T1587.001; Malware - T1588.001; Python - T1059.006; Server - T1583.004; Server - T1584.004; Software - T1592.002 |
Common Information
Type | Value |
---|---|
UUID | cc97f56a-5c48-44bd-a7f9-cba02e82a780 |
Fingerprint | ac4dba1d96ac80a8 |
Analysis status | DONE |
Considered CTI value | 1 |
Text language | |
Published | June 3, 2017, midnight |
Added to db | Dec. 18, 2024, 9:52 p.m. |
Last updated | Dec. 23, 2024, 12:10 p.m. |
Headline | Reference links |
Title | QiAnXin Threat Intelligence Center |
Detected Hints/Tags/Attributes | 45/2/155 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://ti.qianxin.com/blog/articles/supply-chain-attacks-of-software/ |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 1 | cve-2017-8360 |