The Trail of BlackTech’s Cyber Espionage Campaigns
Tags
country: Hong Kong Japan Taiwan
attack-pattern: Data Credentials - T1589.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006
Show in Graph
Common Information
Type Value
UUID da0b19fc-77ce-4b4c-b69b-4f3a90335d0f
Fingerprint b4c0115984f1e6c3
Analysis status DONE
Considered CTI value 2
Text language
Published June 22, 2017, midnight
Added to db Sept. 26, 2022, 9:31 a.m.
Last updated Nov. 15, 2024, 1:37 p.m.
Headline The Trail of BlackTech’s Cyber Espionage Campaigns
Title The Trail of BlackTech’s Cyber Espionage Campaigns
Detected Hints/Tags/Attributes 78/2/12
Source URLs
Redirection Url
Details Source http://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blacktech-cyber-espionage-campaigns/
Details Source https://blog.trendmicro.com/trendlabs-security-intelligence/following-trail-blacktech-cyber-espionage-campaigns/
Details Source https://www.trendmicro.com/en_us/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
Details Source https://www.trendmicro.com/en_id/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
Details Source https://www.trendmicro.com/en_ca/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
Details Source https://www.trendmicro.com/en_gb/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
Details Source https://www.trendmicro.com/en_nl/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
Details Source https://www.trendmicro.com/en_be/research/17/f/following-trail-blacktech-cyber-espionage-campaigns.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Details trendmicro.com blog.trendmicro.com
Attributes
Details Type #Events CTI Value
Details CVE 59 
cve-2015-5119
Details CVE 176 
cve-2012-0158
Details CVE 18 
cve-2014-6352
Details CVE 269 
cve-2017-0199
Details CVE 38 
cve-2017-7269
Details Domain 3 
itaiwans.com
Details Domain 3 
microsoftmse.com
Details File 16 
64.exe
Details File 2 
vmdks.exe
Details File 2 
cfbcjtqx.dll
Details File 2 
tpauto.dll
Details IPv4 3 
211.72.242.120