"Silver Fox" (银狐) attacks are occurring frequently: unmasking the underground cybercrime group UTG-Q-1000 behind them | CTF导航
Tags
Common Information
Type Value
UUID dcfbacfe-9bf9-4068-8ce8-71d8cdda3d92
Fingerprint 947444235d821af9
Analysis status DONE
Considered CTI value -2
Text language
Published Dec. 3, 2024, midnight
Added to db Dec. 17, 2024, 11:38 a.m.
Last updated Dec. 21, 2024, 2:20 a.m.
Headline "Silver Fox" (银狐) attacks are occurring frequently: unmasking the underground cybercrime group UTG-Q-1000 behind them
Title "Silver Fox" (银狐) attacks are occurring frequently: unmasking the underground cybercrime group UTG-Q-1000 behind them | CTF导航
Detected Hints/Tags/Attributes 6/0/170
Source URLs
RSS Feed
Id Enabled Feed title Url Added to db
426 CTF导航 https://www.ctfiot.com/feed 2024-08-30 22:08
Attributes