ioc[.]one - OSINT Cyber Threat Intelligence Database

APT-C-36（盲眼鹰）近期伪造司法部门文件投DcRat后门事件分析 | CTF导航

Tags

Show in Graph

Common Information

Type	Value
UUID	e56c4aeb-8de6-4fbe-a93d-e6fd18b72b34
Fingerprint	36ce4d477da6ad7
Analysis status	DONE
Considered CTI value	-2
Text language
Published	Nov. 10, 2024, midnight
Added to db	Nov. 20, 2024, 9:36 a.m.
Last updated	Dec. 17, 2024, 11:26 p.m.
Headline	APT-C-36（盲眼鹰）近期伪造司法部门文件投DcRat后门事件分析
Title	APT-C-36（盲眼鹰）近期伪造司法部门文件投DcRat后门事件分析 \| CTF导航
Detected Hints/Tags/Attributes	8/0/36

Source URLs

	Redirection	Url
Details	Source	https://www.ctfiot.com/216135.html

URL Provider

Details	Provider	Source level domain
Details	ctfiot.com	www.ctfiot.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	426	✔	CTF导航	https://www.ctfiot.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	3	dcmxz.duckdns.org
Details	Domain	3	www.informacionoportuna.com
Details	Domain	3	keepz.duckdns.org
Details	Domain	92	bitbucket.org
Details	Domain	369	pastebin.com
Details	Domain	117	cdn.discordapp.com
Details	Domain	11	textbin.net
Details	File	1	下一阶段的sostener.vbs
Details	File	2	便在计算机内%temp%目录下创建一个名为xxx.ps1
Details	File	2	和xx2.vbs
Details	File	2	运行andeloader将dcrat注入到regsvcs.exe
Details	File	401	www.inf
Details	File	3	dllskyfal.txt
Details	File	3	sostener.vbs
Details	File	4	dll.txt
Details	File	5	dllhope.txt
Details	File	2	f3dll.txt
Details	md5	3	816999bfe363b545575d2aaca78a6fdd
Details	md5	3	cd4b908264f6711321d7cb9d62df89d2
Details	md5	3	ff30cc63bb8ba014ffe95ba9fa52eca4
Details	md5	3	31748fb41fa5212711aac8dbd62af0b6
Details	md5	3	ad25a95f049577f0372657779a58bf0c
Details	md5	3	5d40616dda7b012eb774c45806b7b42a
Details	md5	3	4927769fa3f3c5a80287ab3e335d8769
Details	md5	3	e078fa76a2ddd05106a6dddba78b4608
Details	md5	3	e8c4326e36be1949ce49150c9066f944
Details	IPv4	3	91.202.233.169
Details	Threat Actor Identifier - APT-C	91	APT-C-36
Details	Url	3	https://www.informacionoportuna.com/wp-content/uploads/2024/09/dllskyfal.txt
Details	Url	3	http://keepz.duckdns.org/sostener.vbs
Details	Url	3	https://bitbucket.org/89999999999999/acaaaaaaaaa/downloads/dll.txt
Details	Url	3	http://pastebin.com/raw/v9y5q5vv
Details	Url	4	https://bitbucket.org/556ghfhgfhgf/fdsfdsf/downloads/dllhope.txt
Details	Url	3	https://cdn.discordapp.com/attachments/1046967871470837855/1046969589982044230/dll.txt
Details	Url	3	http://91.202.233.169/tak/reg/marz/drg/rtc/f3dll.txt
Details	Url	3	https://textbin.net/raw/ezjmofz3s6