First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol
Tags
country: Bangladesh Sri Lanka India Kyrgyzstan
attack-pattern: Data Confluence - T1213.001 Dns - T1071.004 Dns - T1590.002 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID eba8af31-f6b3-41d5-ab3c-39db966bccb0
Fingerprint be28191b08b27e9e
Analysis status DONE
Considered CTI value 0
Text language
Published July 3, 2019, midnight
Added to db Feb. 17, 2023, 11:30 p.m.
Last updated Oct. 16, 2024, 12:30 a.m.
Headline First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol
Title First-ever malware strain spotted abusing new DoH (DNS over HTTPS) protocol
Detected Hints/Tags/Attributes 61/2/2
Source URLs
Redirection Url
Details Source https://www.zdnet.com/article/first-ever-malware-strain-spotted-abusing-new-doh-dns-over-https-protocol/
URL Provider
Details Provider Source level domain
Details zdnet.com www.zdnet.com
Attributes
Details Type #Events CTI Value
Details CVE 38 
cve-2019-3396
Details Domain 2 
liuxiaobei.com