New Espionage Campaign Targets South East Asia
Tags
| country: | China |
| attack-pattern: | Data Dns - T1071.004 Dns - T1590.002 Windows Service - T1543.003 Tool - T1588.002 |
Common Information
| Type | Value |
|---|---|
| UUID | e6dc8873-b31d-435c-9f7e-85d6469a5081 |
| Fingerprint | f7071df0ceb5a8dd |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Oct. 20, 2021, midnight |
| Added to db | Sept. 11, 2022, 12:45 p.m. |
| Last updated | Nov. 17, 2024, 12:53 p.m. |
| Headline | New Espionage Campaign Targets South East Asia |
| Title | New Espionage Campaign Targets South East Asia |
| Detected Hints/Tags/Attributes | 33/2/16 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 3 | sdc-integrity.dat |
|
| Details | File | 2 | scs-integrity.dat |
|
| Details | File | 13 | keys.dat |
|
| Details | sha256 | 1 | b04be710feba6a070107ff276e1e17e348f534eb9be142271e1ea2fcffa1ef9b |
|
| Details | sha256 | 1 | b25f3e8d1b7fcef6a54fc959d7e82c6a4e2da3836e98766ae4a157484da0b9b1 |
|
| Details | sha256 | 2 | 1af5252cadbe8cef16b4d73d4c4886ee9cecddd3625e28a59b59773f5a2a9f7f |
|
| Details | sha256 | 2 | a6f75af45c331a3fac8d2ce010969f4954e8480cbe9f9ea19ce3c51c44d17e98 |
|
| Details | sha256 | 2 | a15eda7c75cf4aa14182c3d44dc492957e9a9569e2d318881e5705da2b882324 |
|
| Details | sha256 | 2 | 967e8063bd9925c2c8dd80d86a6b01deb5af54e44825547a60c48528fb5f896d |
|
| Details | sha256 | 2 | 64f036f98aad41185163cb328636788a8c6b4e1082ae336dad42b79617e4813d |
|
| Details | sha256 | 1 | 91b3022e776d1ffb350e550911d08f10d30678bcb4c17d9c0ae5088f5e63146e |
|
| Details | sha256 | 1 | c3aee1f79e27af6ddc8ded38bfdfab004ad489c8f81f7928cfea5c05a3605338 |
|
| Details | sha256 | 1 | 37d0c0afaa77c7363b6515eff9590eba546cce2a751a454d5200a25b7c24dfef |
|
| Details | Threat Actor Identifier - APT | 31 | APT30 |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.z\OpenWithProgidsEx |
|
| Details | Windows Registry Key | 1 | HKEY_CLASSES_ROOT\.z\OpenWithProgidsEx\CONFIG |