QiAnXin Threat Intelligence Center
Common Information
Type | Value |
---|---|
UUID | cfa5418f-cb5a-487d-9c8f-c9c5ae3326a9 |
Fingerprint | ed8c0d35aaf335b9 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Feb. 16, 2021, midnight |
Added to db | Jan. 18, 2023, 10:39 p.m. |
Last updated | Dec. 23, 2024, 2:25 a.m. |
Headline | UNKNOWN |
Title | QiAnXin Threat Intelligence Center |
Detected Hints/Tags/Attributes | 10/0/15 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 2 | | www.xbhp.com |
Details | Domain | 2 | | www.c4csa.org |
Details | File | 125 | | nuxt.js |
Details | File | 1 | | записки.doc |
Details | File | 1 | | wininition.exe |
Details | File | 1 | | %allusersprofile%\cache\arial-debug.log |
Details | File | 8 | | style.php |
Details | File | 2 | | felims.php |
Details | md5 | 2 | | 49696043b51acca6ced2ab213bd4abef |
Details | md5 | 2 | | c9a43fd6623bf0bc287012b6ee10a98e |
Details | md5 | 2 | | df6c6ee05898ce35ce5963ff0ae2344d |
Details | Threat Actor Identifier - APT | 915 | | APT28 |
Details | Url | 1 | | https://www.xbhp.com/dominargreatasianodyssey/wp-content/plugins/akismet/style.php, when the access count is 6-15 the data is uploaded to the C2: https://www.c4csa.org/includes/sources/felims.php |
Details | Url | 2 | | https://www.xbhp.com/dominargreatasianodyssey/wp-content/plugins/akismet/style.php |
Details | Url | 2 | | https://www.c4csa.org/includes/sources/felims.php |