ioc[.]one - OSINT Cyber Threat Intelligence Database

Threat Intelligence Report: Understanding and Mitigating ‘Cosmic Energy’ using the MITRE ATT&CK…

Tags

cmtmf-attack-pattern:	Automated Exfiltration Endpoint Denial Of Service
country:	Belarus Iran Saudi Arabia Russia Ukraine
attack-pattern:	Data Application Layer Protocol - T1437 Commonly Used Port - T1436 Domains - T1583.001 Domains - T1584.001 Endpoint Denial Of Service - T1642 Endpoint Denial Of Service - T1499 File And Directory Discovery - T1420 Inhibit System Recovery - T1490 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 System Information Discovery - T1426 Modify System Image - T1601 Server - T1583.004 Server - T1584.004 Software - T1592.002 System Shutdown/Reboot - T1529 Vulnerabilities - T1588.006 Access Token Manipulation - T1134 Account Manipulation - T1098 Standard Application Layer Protocol - T1071 Automated Exfiltration - T1020 Commonly Used Port - T1043 Data Compressed - T1002 Data Obfuscation - T1001 Data Staged - T1074 File And Directory Discovery - T1083 Remote File Copy - T1105 System Information Discovery - T1082 Commonly Used Port Manipulation Of Control Standard Application Layer Protocol

Show in Graph

Common Information

Type	Value
UUID	e01a6208-7a60-4968-a6ca-330a58f8abf3
Fingerprint	ff6883958fb35fc7
Analysis status	DONE
Considered CTI value	2
Text language
Published	May 26, 2023, 5:21 a.m.
Added to db	May 26, 2023, 2:49 p.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	Threat Intelligence Report: Understanding and Mitigating ‘Cosmic Energy’ using the MITRE ATT&CK framework: A Rising Threat within the Evolving Geopolitical Landscape
Title	Threat Intelligence Report: Understanding and Mitigating ‘Cosmic Energy’ using the MITRE ATT&CK…
Detected Hints/Tags/Attributes	113/3/27

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@diparra801/threat-intelligence-report-2fd1c8ebdfbb?source=rss------malware-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	171	✔	Malware on Medium	https://medium.com/feed/tag/malware	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	17	cyberscoop.com
Details	Domain	21	foreignpolicy.com
Details	Domain	182	www.mandiant.com
Details	Domain	360	attack.mitre.org
Details	MITRE ATT&CK Techniques	75	T1001
Details	MITRE ATT&CK Techniques	102	T1020
Details	MITRE ATT&CK Techniques	31	T1499
Details	MITRE ATT&CK Techniques	6	T0886
Details	MITRE ATT&CK Techniques	585	T1083
Details	MITRE ATT&CK Techniques	1006	T1082
Details	MITRE ATT&CK Techniques	492	T1105
Details	MITRE ATT&CK Techniques	60	T1043
Details	MITRE ATT&CK Techniques	444	T1071
Details	MITRE ATT&CK Techniques	116	T1134
Details	MITRE ATT&CK Techniques	112	T1098
Details	MITRE ATT&CK Techniques	3	T1601
Details	MITRE ATT&CK Techniques	67	T1074
Details	MITRE ATT&CK Techniques	24	T1002
Details	MITRE ATT&CK Techniques	276	T1490
Details	MITRE ATT&CK Techniques	48	T1529
Details	MITRE ATT&CK Techniques	9	T0827
Details	MITRE ATT&CK Techniques	4	T0816
Details	Threat Actor Identifier - APT	665	APT29
Details	Url	1	https://cyberscoop.com/russia-ics-malware-cosmicenergy
Details	Url	1	https://foreignpolicy.com/2023/02/24/russia-ukraine-war-cybercrime-strategy
Details	Url	3	https://www.mandiant.com/resources/blog/cosmicenergy-ot-malware-russian-response
Details	Url	57	https://attack.mitre.org