ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – Stayin’ Alive Campaign Linked to China Targets Asian Telecom and Government Organizations – Active IOCs - Rewterz

Tags

country:	China Pakistan Kazakhstan Uzbekistan Vietnam
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Dll Side-Loading - T1574.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Dll Side-Loading - T1073

Show in Graph

Common Information

Type	Value
UUID	e38b6b76-8e69-4fa2-bc4b-5eb6b64cb5a6
Fingerprint	b1441c432e17cee9
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 12, 2023, 11:04 a.m.
Added to db	Dec. 19, 2024, 9:31 a.m.
Last updated	Dec. 19, 2024, 9:32 a.m.
Headline	Rewterz Threat Alert – Stayin’ Alive Campaign Linked to China Targets Asian Telecom and Government Organizations – Active IOCs
Title	Rewterz Threat Alert – Stayin’ Alive Campaign Linked to China Targets Asian Telecom and Government Organizations – Active IOCs - Rewterz
Detected Hints/Tags/Attributes	48/3/52

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-stayin-alive-campaign-linked-to-china-targets-asian-telecom-and-government-organizations-active-iocs
Details	Redirection	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-stayin-alive-campaign-linked-to-china-targets-asian-telecom-and-government-organizations-active-iocs/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

Attributes

Details	Type	#Events	Value
Details	Domain	5	ns01.nayatel.orinafz.com
Details	Domain	5	eaq.machineaccountquota.com
Details	Domain	5	imap.774b884034c450b.com
Details	Domain	5	admit.pkigoscorp.com
Details	Domain	5	cyberguard.certexvpn.com
Details	File	7	dal_keepalives.dll
Details	File	3	cyberguard.cer
Details	md5	2	64d7674a4e9e2a973c976fade4e64e82
Details	md5	2	b31c32af306d736572263371afbd1802
Details	md5	2	ad8f36645796b44ee4e6465c8ad5ead9
Details	md5	2	dbe6f9117e0cac23a31b0f871561348a
Details	md5	2	dffce9860497d0dccd414ce31e59c058
Details	md5	2	b34df10485790ded5e1bf772b832f90e
Details	md5	2	9e737418f7d0f09f22167229853c9eba
Details	md5	2	e282d63beeb78fc1ef6f954ab3296669
Details	md5	2	e25f061dec65a7d2721f49d24b1187f0
Details	md5	2	5b3d4bd07f4ac158ed8965b717598458
Details	md5	2	753d9f3d05e9f8543e9ebe8c8bc11134
Details	md5	2	507641012e9ce459c448da48549d8609
Details	md5	2	12d7d7c7b0349a3ee3f5b6b9d5b419cd
Details	sha1	2	8351a715462e211dd1a833fdab6086fb423cd7c5
Details	sha1	2	f8900a1d6a6868547333cfa5511104201d28ee37
Details	sha1	2	8be6d9f79a37c698d94c88820e2f369b50ddc811
Details	sha1	2	6939b842bae577f600bdd2d26e443edad66bd8b8
Details	sha1	2	71dbd626aed9bc98e4347087be7efe0f7042f5fa
Details	sha1	2	bd3651da6717b7af4a84b762d963fb8be6839c59
Details	sha1	2	b201e4d5efe65813b08da9eeb9de0f80e6ae292a
Details	sha1	2	4c7005b33dcad81ffcf82841ad7cdf96a022cd8e
Details	sha1	2	3202616b92b96ea0e6eff76671eb65f7ac8925bf
Details	sha1	2	de80ffb1eed36eaaaa2584ee52b6edb6d8a48160
Details	sha1	2	561bfe296e786d3d5105871083a10276c5db5e75
Details	sha1	2	cc631fd2f0b55ab42d50864a550e4319c99354ae
Details	sha1	2	81a6126ad454a5e9eeffd410321b17c1c7e27c8a
Details	sha256	4	6eaa33812365865512044020bc4b95079a1cc2ddc26cdadf24a9ff76c81b1746
Details	sha256	4	78faceaf9a911d966086071ff085f2d5c2713b58446d48e0db1ad40974bb15cd
Details	sha256	4	409948cbbeaf051a41385d2e2bc32fc1e59789986852e608124b201d079e5c3c
Details	sha256	4	4d52d40bc7599b784a86a000ff436527babc46c5de737e19ded265416b4977c6
Details	sha256	4	437cde10797b75ea92b1b68eb887972fe43b434db3ed67b756e01698cce69b4a
Details	sha256	4	c5d1ee44ec75fc31e1c11fbf7a70ed7ca8c782099abfde15ecaa1b1edaf180ac
Details	sha256	4	da2d9ed632576eca68a0c6d8d5afd383a1d811c369012f0d7fb52cd06da8c9b9
Details	sha256	4	451f87134438fa7e5735a865989072e7bab4858ca0b1e921224ed27dea0226b0
Details	sha256	4	93e9237afaff14c6b9a24cf7275e9d66bc95af8a0cc93db2a68b47cbbca4c347
Details	sha256	4	482d41c4a2e14ddc072087a1b96f6e34ffda2bfc85819e21f15c97220825e651
Details	sha256	4	877579185a72fbaf1afa78d3c50dbab187780d545d5375ba4c29147083176697
Details	sha256	4	7418c4d96cb0fe41fc95c0a27d2364ac45eb749d7edbe0ab339ea954f86abf9e
Details	sha256	4	778b2526965dc1c4bcc401d0ae92037122e7e7f2c41f042f95b59a7f0fe6f30e
Details	IPv4	5	70.34.201.229
Details	IPv4	5	45.77.171.170
Details	IPv4	5	167.179.91.150
Details	IPv4	7	207.148.69.74
Details	IPv4	5	65.20.68.126
Details	IPv4	5	136.244.111.25