Core Werewolf hones its arsenal against Russia’s government organizations
Tags
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Scripting - T1064 Scripting |
Common Information
| Type | Value |
|---|---|
| UUID | dd83cf97-69cf-4c05-a3ed-501f8ab3f53f |
| Fingerprint | 95c3291a25f7ef82 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 10, 2024, 7:04 a.m. |
| Added to db | Oct. 11, 2024, 3:28 p.m. |
| Last updated | Nov. 14, 2024, 1:19 p.m. |
| Headline | Core Werewolf hones its arsenal against Russia’s government organizations |
| Title | Core Werewolf hones its arsenal against Russia’s government organizations |
| Detected Hints/Tags/Attributes | 31/2/68 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 24 | bi.zone |
|
| Details | Domain | 4 | 1tutor.ru |
|
| Details | Domain | 4 | dsksb.ru |
|
| Details | Domain | 4 | conversesuisse.net |
|
| Details | Domain | 4 | cntula.ru |
|
| Details | File | 1 | %temp%\desktop-et51ajo_bruno.txt |
|
| Details | File | 3 | 9733698215789059.txt |
|
| Details | File | 1 | 5773395227936203.txt |
|
| Details | File | 1 | план_работы_по_вопросам_эффективности_применения_огневого_поражения_рвиа__.pdf |
|
| Details | File | 1 | разведывательная_информация_по_состоянию_на_2024_09_23_на_доклад_для_нач_штабов.exe |
|
| Details | File | 1 | план_работы______по_вопросам____эффективности_применения_огневого_поражения_рвиа.exe |
|
| Details | File | 1 | план_работы_по_вопросам_эффективности_применения_огневого_поражения_рвиа__.exe |
|
| Details | File | 1 | план_и_расписание__работы_комиссии_довести_командирам_частей_и_нш.exe |
|
| Details | File | 1 | 9481940632028706.exe |
|
| Details | File | 1 | 3823822393935372.exe |
|
| Details | File | 1 | 0554702337892303.exe |
|
| Details | File | 1 | 6394810657788120.exe |
|
| Details | md5 | 4 | 36f96f199cf97ee8cbdd0271bd6598ca |
|
| Details | md5 | 4 | 9a454c6e336ac65df9a0330db086565f |
|
| Details | md5 | 4 | 20e4539a0c14c63afa24744b3767f103 |
|
| Details | md5 | 4 | 88849c55911c4b1866fb7099f9c54407 |
|
| Details | md5 | 4 | e058d942a6dadfb09bd652ce1e1b2518 |
|
| Details | md5 | 4 | 9c0933a8a4fcb108dae9ee4cf9f7645b |
|
| Details | md5 | 4 | 6a495d68c106da8e9e4ec4bab72969c7 |
|
| Details | md5 | 4 | 2c77773840821a49d71ac7c9e31258f9 |
|
| Details | md5 | 4 | a3bd5a90c900bd78b015804c2e2159c6 |
|
| Details | md5 | 4 | 13dbc816bca4f7668452fd8d28bb95e1 |
|
| Details | md5 | 4 | 0adb9b817f1df7807576c2d7068dd931 |
|
| Details | md5 | 4 | f3b95a48f3415e8909b979f9219a68b4 |
|
| Details | md5 | 4 | 22a0ffa0c20131cd10fe074dbbcdd262 |
|
| Details | md5 | 4 | 770c3ea782ea6d4430b64e24ebce8ca8 |
|
| Details | md5 | 4 | 6834ec008b5dc8980a1c7a3e13a1a8ea |
|
| Details | sha1 | 4 | 2c2660577d4f853935a64c47cf8967a74e32d0f8 |
|
| Details | sha1 | 4 | 2f835234ff7b497944220a72315c1b80d2474fa5 |
|
| Details | sha1 | 4 | 2fcc26ba22a592f7cd1dc81c212e79795fc05f76 |
|
| Details | sha1 | 4 | 01bea2e4ff7bba835d88714ec4fde8d97a250639 |
|
| Details | sha1 | 4 | bcef3e23516e7df558b07da2edee8c47398a2472 |
|
| Details | sha1 | 4 | 7d53b53514fd54af5e547c02eb8163dbd25f79ca |
|
| Details | sha1 | 4 | 871a675d43758907d02d5b7e57d8a96f70dd3b27 |
|
| Details | sha1 | 4 | 35da880d75ab18f132dfed65adf545e079a99f55 |
|
| Details | sha1 | 4 | 80ef6745cd0412ab587def958f6425de2b144935 |
|
| Details | sha1 | 4 | 5eba332d8372d94d17e87b6c8234b2cad052bb17 |
|
| Details | sha1 | 4 | 4a1b94a9a5113106f40cd8ea724703734d15f118 |
|
| Details | sha1 | 4 | 4f47703cdc419e2942ff2697b7ee40a4d703956f |
|
| Details | sha1 | 4 | 2ba32d676b04da49276527d4b428c36b2cb61b81 |
|
| Details | sha1 | 4 | 21b551deb21e6218741e424086b1eaad0064fe65 |
|
| Details | sha1 | 4 | a2146ccfffbabed1501e8ad00fada778e3817f94 |
|
| Details | sha256 | 4 | 703835c57b8985141ef3ef652e2593935a47bd9779d08963c5eb973b8b82d08a |
|
| Details | sha256 | 4 | 19ff0ce570aabefcab0eed08afdaffd16c5516d91962e099498ecaf97f394766 |
|
| Details | sha256 | 4 | d42942acee6154609c1c5f61bb0fb863c4598dd82e6d28af58c9dfbee71c4521 |
|
| Details | sha256 | 4 | b09807247282baaddb32ffe114b046325dd648a4c298f3b5c9addaa635b0520c |
|
| Details | sha256 | 4 | 114de7d5e7dd6088f68705d519fc35530433506965ec5288e9dfb005bfec73c8 |
|
| Details | sha256 | 4 | 6a3584f8e6b5f8e2fb5826aa0f042bf30b06e7467f022499a71273e15daaa216 |
|
| Details | sha256 | 4 | a049cc364151ddfb3b87c11050a9b027ec4a1687ae4415b8d07afa4bc7aeaced |
|
| Details | sha256 | 4 | 2b62b9481c0bcdf46a24a792f44e152ea5b7c5143cb06af9d82ff8c2c8433551 |
|
| Details | sha256 | 4 | 731b4673f28da5d8b48f016a478be4e1ffea247d5b44a6612c506110b8fdd97c |
|
| Details | sha256 | 4 | 3cfc1ecd00d52349c0b1ac0692774b31a97342330ef664b546fa3b8aa1d3a6c2 |
|
| Details | sha256 | 4 | eecfa15d69a6322fac39e945d68664a037e48a60644a76acd8b49490e6c93c06 |
|
| Details | sha256 | 4 | 75cd7ef3e87d59f32939832e3b5eeb586d0fc1467721a30b64132bc5f833697f |
|
| Details | sha256 | 4 | 00ec82306c9df4aee9dda42933ed55afa9e53ed74c2018bc0ce43d87edad2f98 |
|
| Details | sha256 | 4 | a8ea0f64e7e08d59b45068c1ff4eda4d7fd9d92148cd3d4c664da9c18aaf1f32 |
|
| Details | IPv4 | 3 | 3.3.16.1 |
|
| Details | IPv4 | 4 | 188.127.240.131 |
|
| Details | IPv4 | 4 | 80.85.155.134 |
|
| Details | IPv4 | 4 | 178.20.46.163 |
|
| Details | IPv4 | 4 | 31.192.107.165 |
|
| Details | Url | 3 | http://1tutor.ru/desktop-et51ajo_bruno/9733698215789059.txt |
|
| Details | Url | 3 | http://1tutor.ru/desktop-et51ajo_bruno/9733698215789059.au3 |