Additional Analysis into the SUNBURST Backdoor | McAfee Blog
Tags
Common Information
| Type | Value |
|---|---|
| UUID | e2c25c51-3215-4845-9032-413f37abcfd3 |
| Fingerprint | 370494c045358dc1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 17, 2020, 11:27 p.m. |
| Added to db | Nov. 6, 2023, 7:13 p.m. |
| Last updated | Nov. 12, 2024, 11:53 a.m. |
| Headline | Additional Analysis into the SUNBURST Backdoor |
| Title | Additional Analysis into the SUNBURST Backdoor | McAfee Blog |
| Detected Hints/Tags/Attributes | 52/2/36 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 333 | ✔ | — | https://www.mcafee.com/blogs/other-blogs/mcafee-labs/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 11 | kc.mcafee.com |
|
| Details | Domain | 103 | www.mcafee.com |
|
| Details | Domain | 50 | avsvmcloud.com |
|
| Details | Domain | 2 | 02m6hcopd17p6h450gt3.appsync-api.us-west-2.avsvmcloud.com |
|
| Details | Domain | 1 | 039n5tnndkhrfn5cun0y0sz02hij0b12.appsync-api.us-west-2.avsvmcloud.com |
|
| Details | Domain | 1 | 043o9vacvthf0v95t81l.appsync-api.us-east-2.avsvmcloud.com |
|
| Details | Domain | 1 | 04jrge684mgk4eq8m8adfg7.appsync-api.us-east-2.avsvmcloud.com |
|
| Details | Domain | 1 | 04r0rndp6aom5fq5g6p1.appsync-api.us-west-2.avsvmcloud.com |
|
| Details | Domain | 2 | 04spiistorug1jq5o6o0.appsync-api.us-west-2.avsvmcloud.com |
|
| Details | Domain | 18 | freescanonline.com |
|
| Details | Domain | 19 | deftsecurity.com |
|
| Details | Domain | 18 | thedoccloud.com |
|
| Details | Domain | 13 | websitetheme.com |
|
| Details | Domain | 15 | highdatabase.com |
|
| Details | Domain | 16 | incomeupdate.com |
|
| Details | Domain | 15 | databasegalore.com |
|
| Details | Domain | 16 | panhardware.com |
|
| Details | Domain | 14 | zupertech.com |
|
| Details | Domain | 5 | virtualdataserver.com |
|
| Details | Domain | 11 | digitalcollege.org |
|
| Details | File | 1 | insights-preview.html |
|
| Details | File | 29 | orion.core |
|
| Details | File | 26 | businesslayer.dll |
|
| Details | File | 3 | httphelper.ini |
|
| Details | File | 4 | us-west-2.avs |
|
| Details | File | 4 | us-east-2.avs |
|
| Details | IPv4 | 132 | 10.0.0.0 |
|
| Details | IPv4 | 22 | 255.0.0.0 |
|
| Details | IPv4 | 81 | 172.16.0.0 |
|
| Details | IPv4 | 3 | 255.240.0.0 |
|
| Details | IPv4 | 124 | 192.168.0.0 |
|
| Details | IPv4 | 23 | 255.255.0.0 |
|
| Details | Url | 1 | https://kc.mcafee.com/corporate/index?page=content&id=kb93861 |
|
| Details | Url | 1 | https://www.mcafee.com/blogs/other-blogs/mcafee-labs/sunburst-malware-and-solarwinds-supply-chain-compromise |
|
| Details | Url | 1 | https://www.mcafee.com/enterprise/en-us/lp/insights-preview.html# |
|
| Details | Windows Registry Key | 8 | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography |