新的 Andromeda/Gamarue 命令和控制集群以亚太地区为目标-安全客 - 安全资讯平台
Tags
attack-pattern: Malware - T1587.001 Malware - T1588.001 Rundll32 - T1218.011 Rundll32 - T1085
Show in Graph
Common Information
Type Value
UUID d6a002ef-902f-49ac-96cc-9fcae8b6923b
Fingerprint c81b41a429b09c10
Analysis status DONE
Considered CTI value 1
Text language
Published Dec. 5, 2024, midnight
Added to db Dec. 5, 2024, 4:41 a.m.
Last updated Dec. 18, 2024, 9:51 p.m.
Headline 新的 Andromeda/Gamarue 命令和控制集群以亚太地区为目标
Title 新的 Andromeda/Gamarue 命令和控制集群以亚太地区为目标-安全客 - 安全资讯平台
Detected Hints/Tags/Attributes 8/1/4
Source URLs
Redirection Url
Details Source https://www.anquanke.com/post/id/302450
URL Provider
Details Provider Source level domain
Details anquanke.com www.anquanke.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 15 安全客-有思想的安全新媒体 https://api.anquanke.com/data/v1/rss 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 7 
malware.com
Details File 1060 
rundll32.exe
Details File 198 
desktop.ini
Details Mandiant Uncategorized Groups 17 
UNC4210