ioc[.]one - OSINT Cyber Threat Intelligence Database

StripedFly: двуликий и незаметный

Tags

country:	Taiwan
attack-pattern:	Dns - T1071.004 Dns - T1590.002 Firmware - T1592.003 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	d1466a39-333a-4f94-ac52-54f3a7b034e1
Fingerprint	7e18253f5bb15462
Analysis status	IN_PROGRESS
Considered CTI value	0
Text language
Published	Nov. 13, 2023, 11 a.m.
Added to db	Nov. 19, 2023, 10:30 p.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	StripedFly: двуликий и незаметный
Title	StripedFly: двуликий и незаметный
Detected Hints/Tags/Attributes	30/2/70

Source URLs

	Redirection	Url
Details	Source	https://securelist.ru/stripedfly-perennially-flying-under-the-radar/108375/

URL Provider

Details	Provider	Source level domain
Details	securelist.ru	securelist.ru

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	224	✔	Securelist	https://securelist.ru/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	78	bitbucket.org
Details	Domain	180	readme.md
Details	Domain	3	gpiekd65jgshwp2p53igifv43aug2adacdebmuuri34hduvijr5pfjad.onion
Details	Domain	6	ghtyqipha6mcwxiz.onion
Details	Domain	4	ajiumbl2p2mjzx3l.onion
Details	Domain	67	gitlab.com
Details	Domain	4128	github.com
Details	Domain	21	pool.minexmr.com
Details	Domain	3	mine.aeon-pool.com
Details	File	89	wininit.exe
Details	File	2	delta.dat
Details	File	2	ota.dat
Details	File	1208	powershell.exe
Details	File	271	chrome.exe
Details	md5	3	b28c6d00855be3b60e220c32bfad2535
Details	md5	3	18f5ccdd9efb9c41aa63efbe0c65d3db
Details	md5	3	2cdc600185901cf045af027289c4429c
Details	md5	4	54dd5c70f67df5dc8d750f19ececd797
Details	md5	3	d32fa257cd6fb1b0c6df80f673865581
Details	md5	4	c04868dabd6b9ce132a790fdc02acc14
Details	md5	3	c7e3df6455738fb080d741dcbb620b89
Details	md5	3	d684de2c5cfb38917c5d99c04c21769a
Details	md5	3	a5d3abe7feb56f49fa33dc49fea11f85
Details	md5	3	35fadceca0bae2cdcfdaac0f188ba7e0
Details	md5	3	00c9fd9371791e9160a3adaade0b4aa2
Details	md5	3	41b326df0d21d0a8fad6ed01fec1389f
Details	md5	3	506599fe3aecdfb1acc846ea52adc09f
Details	md5	3	6ace7d5115a1c63b674b736ae760423b
Details	md5	3	2e2ef6e074bd683b477a2a2e581386f0
Details	md5	3	04df1280798594965d6fdfeb4c257f6c
Details	md5	3	abe845285510079229d83bb117ab8ed6
Details	md5	3	090059c1786075591dec7ddc6f9ee3eb
Details	md5	3	120f62e78b97cd748170b2779d8c0c67
Details	md5	3	d64361802515cf32bd34f98312dfd40d
Details	IPv4	619	0.0.0.0
Details	IPv4	132	10.0.0.0
Details	IPv4	10	100.64.0.0
Details	IPv4	45	127.0.0.0
Details	IPv4	81	172.16.0.0
Details	IPv4	124	192.168.0.0
Details	IPv4	6	198.18.0.0
Details	IPv4	27	224.0.0.0
Details	IPv4	13	240.0.0.0
Details	IPv4	3	169.255.0.0
Details	IPv4	18	169.254.0.0
Details	IPv4	21	3.0.0.0
Details	IPv4	9	15.0.0.0
Details	IPv4	6	16.0.0.0
Details	IPv4	5	56.0.0.0
Details	IPv4	25	6.0.0.0
Details	IPv4	6	55.0.0.0
Details	IPv4	27	7.0.0.0
Details	IPv4	15	11.0.0.0
Details	IPv4	9	21.0.0.0
Details	IPv4	6	22.0.0.0
Details	IPv4	8	26.0.0.0
Details	IPv4	5	28.0.0.0
Details	IPv4	4	29.0.0.0
Details	IPv4	7	30.0.0.0
Details	IPv4	7	33.0.0.0
Details	IPv4	5	214.0.0.0
Details	IPv4	4	215.0.0.0
Details	IPv4	5	5.255.86.125
Details	IPv4	4	45.9.148.21
Details	IPv4	4	45.9.148.36
Details	IPv4	4	45.9.148.132
Details	Windows Registry Key	1	HKCU\Software\Microsoft\Windows\CurrentVersion\Applets
Details	Windows Registry Key	188	HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Details	Windows Registry Key	1	HKCU\Software\Classes\TypeLib
Details	Windows Registry Key	1	HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters