Looking at Big Threats Using Code Similarity – part 1
Tags
| country: | Bangladesh India Spain Singapore Russia Ukraine United States Of America |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | d73cf0f4-8fd6-4e01-9702-000db6eb6c1b |
| Fingerprint | bf14991b09f7a687 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 9, 2020, 10 a.m. |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Oct. 22, 2024, 8:42 p.m. |
| Headline | Looking at Big Threats Using Code Similarity. Part 1 |
| Title | Looking at Big Threats Using Code Similarity – part 1 |
| Detected Hints/Tags/Attributes | 103/2/18 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://securelist.com/big-threats-using-code-similarity-part-1/97239/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 14 | analyze.intezer.com |
|
| Details | Domain | 5 | www.brighttalk.com |
|
| Details | Domain | 338 | kaspersky.com |
|
| Details | 147 | intelreports@kaspersky.com |
||
| Details | File | 5 | cnli-1.dll |
|
| Details | File | 3 | evtchk.txt |
|
| Details | File | 9 | evtdiag.exe |
|
| Details | File | 5 | evtsys.exe |
|
| Details | File | 3 | evtchk.bat |
|
| Details | md5 | 1 | d51d485f98810ab1278df4e41b692761 |
|
| Details | md5 | 1 | 608f3f7f117daf1dc9378c4f56d5946f |
|
| Details | md5 | 2 | 07cc65907642abdc8972e62c1467e83b |
|
| Details | md5 | 2 | b4587870ecf51e8ef67d98bb83bc4be7 |
|
| Details | md5 | 3 | 3c0d740347b0362331c882c2dee96dbf |
|
| Details | sha256 | 1 | c0d70c678fcf073e6b5ad0bce14d8904b56d73595a6dde764f95d043607e639b |
|
| Details | sha256 | 2 | 67d9556c695ef6c51abf6fbab17acb3466e3149cf4d20cb64d6d34dc969b6502 |
|
| Details | Threat Actor Identifier - APT | 66 | APT17 |
|
| Details | Url | 1 | https://www.brighttalk.com/webcast/15591/414427 |