ioc[.]one - OSINT Cyber Threat Intelligence Database

Threat Actors Exploit the Tensions Between Azerbaijan and Armenia | FortiGuard Labs

Tags

country:	Armenia Azerbaijan Colombia
attack-pattern:	Data Html Smuggling - T1027.006 Malware - T1587.001 Malware - T1588.001 Msiexec - T1218.007 Scheduled Task - T1053.005 Server - T1583.004 Server - T1584.004 Connection Proxy - T1090 Scheduled Task - T1053

Show in Graph

Common Information

Type	Value
UUID	edcbd102-3254-486d-898c-83efa6272b99
Fingerprint	a5243fd9803a8097
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 27, 2023, 7:12 p.m.
Added to db	Nov. 19, 2023, 12:12 a.m.
Last updated	Nov. 17, 2024, 6:54 p.m.
Headline	Threat Actors Exploit the Tensions Between Azerbaijan and Armenia
Title	Threat Actors Exploit the Tensions Between Azerbaijan and Armenia \| FortiGuard Labs
Detected Hints/Tags/Attributes	49/2/20

Source URLs

	Redirection	Url
Details	Redirection	https://feeds.fortinet.com/~/796199180/0/fortinet/blog/threat-research~Threat-Actors-Exploit-the-Tensions-Between-Azerbaijan-and-Armenia
Details	Source	https://www.fortinet.com/blog/threat-research/threat-Actors-exploit-the-tensions-between-azerbaijan-and-armenia
Details	Source	https://www.fortinet.com/blog/threat-research/threat-Actors-exploit-the-tensions-between-azerbaijan-and-armenia?&web_view=true

URL Provider

Details	Provider	Source level domain
Details	fortinet.com	www.fortinet.com
Details	fortinet.com	feeds.fortinet.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	99	✔	Cyware News - Latest Cyber News	https://cyware.com/allnews/feed	2024-08-30 22:08
Details	122	✔	Fortinet Threat Research Blog	https://feeds.fortinet.com/fortinet/blog/threat-research	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	28	dl.dropboxusercontent.com
Details	Domain	1	aggression.zip
Details	File	269	msiexec.exe
Details	File	2	karabakh.jpg
Details	File	1	windowsdefenderhealthcheck.exe
Details	File	1	24rp.xml
Details	File	1	armenian_act_of_aggression.pdf
Details	File	1	aggression.zip
Details	sha256	1	2a71ba3fef819ab9ff3347cf71eea37766b1e80fdbc1b53c83dd3b19ce71ebfd
Details	sha256	1	17b3acb560e979556207b8e7e41a086f6f147381e2ffd1ce672d663a526b1fb5
Details	sha256	2	04725fb5a9e878d68e03176364f3b1057a5c54cca06ec988013a508d6bb29b42
Details	sha256	2	35f2f7cd7945f43d9692b6ea39d82c4fc9b86709b18164ad295ce66ac20fd8e5
Details	sha256	2	5327308fee51fc6bb95996c4185c4cfcbac580b747d79363c7cf66505f3ff6db
Details	IPv4	2	78.135.73.140
Details	IPv4	1	78.135.73.188
Details	IPv4	1	78.135.73.147
Details	IPv4	1	78.135.73.162
Details	IPv4	1	78.135.73.183
Details	Url	1	https://dl.dropboxusercontent.com/scl/fi/zjxgh8ofdmfca8bpfntw9/karabakh.jpg.msi?
Details	Url	1	https://dl.dropboxusercontent.com/scl/fi/zjxgh8ofdmfca8bpfntw9/karabakh.jpg.msi?rlkey=nidpjpx3ioigoq6qonibztwg4&dl=0