情报速递20240620|利用开源远程控制程序进行的钓鱼攻击
Tags
| attack-pattern: | Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | ede33660-a048-4eb0-8108-bd2c0235cf06 |
| Fingerprint | 28fb9a23133aa9b6 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 11, 2024, midnight |
| Added to db | Aug. 31, 2024, 9:03 a.m. |
| Last updated | Nov. 18, 2024, 8:35 a.m. |
| Headline | 情报速递20240620|利用开源远程控制程序进行的钓鱼攻击 |
| Title | 情报速递20240620|利用开源远程控制程序进行的钓鱼攻击 |
| Detected Hints/Tags/Attributes | 6/1/90 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 262 | ✔ | 腾讯安全威胁情报中心 | https://wechat2rss.xlab.app/feed/034265b14906a59ef7cf1fcbd56699b54a696094.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4129 | github.com |
|
| Details | Domain | 1 | allay.x3322.net |
|
| Details | Domain | 2 | webwhatsapp.cc |
|
| Details | File | 1 | 公司法人资料.exe |
|
| Details | File | 1 | 公司法人资料.rar |
|
| Details | File | 1 | 获取帐号今日结果.exe |
|
| Details | File | 1 | 100组.exe |
|
| Details | File | 1 | 12最新.exe |
|
| Details | File | 1 | 直播间.exe |
|
| Details | File | 1 | 5分钟客户端.exe |
|
| Details | File | 1 | 多组.exe |
|
| Details | File | 1 | 期期滚多组.exe |
|
| Details | Github username | 2 | qwqdanchun |
|
| Details | Github username | 9 | nyan-x-cat |
|
| Details | md5 | 1 | 6a2b364d8eaa498d46958b8104e047f9 |
|
| Details | md5 | 1 | 4ce199e39d3e7ddf035e3965331ad934 |
|
| Details | md5 | 1 | 6fc1c7d643c5d4b8812fd41d84ac7f43 |
|
| Details | md5 | 1 | 6d0a6d867176b81d973104bd05bf5588 |
|
| Details | md5 | 1 | 1a55b1b8e06b4f913ec1058b79d6c634 |
|
| Details | md5 | 1 | c93cb466cd43daeb626f46a82e0c8f4d |
|
| Details | md5 | 1 | 64ad72f11bcef0388b910ccab8d053e4 |
|
| Details | md5 | 1 | 164e4c5b332cc56cfa830ceb3bb0cc69 |
|
| Details | md5 | 1 | 146a272a90a1aecbec61b2cebd11878c |
|
| Details | md5 | 1 | 9a688e18717ffd4906d03d2bee518591 |
|
| Details | md5 | 1 | 4be3faf962aeccdded46157b294bf623 |
|
| Details | md5 | 1 | 8efd17733a1c83b43c44061c64b17f86 |
|
| Details | md5 | 1 | e25d93e480466db7a712f079dee122c1 |
|
| Details | md5 | 1 | 768e30ede32fa0d409387bda33126f5c |
|
| Details | md5 | 1 | ebec9739504e7f222b2cd1c8d9ba3d09 |
|
| Details | md5 | 1 | 09f13e9dc99d18e59cb19379123e939b |
|
| Details | md5 | 1 | a1db4653f9024c88e66164cff236d72d |
|
| Details | md5 | 1 | 5b215baf92a8e09cf3632b1767e6494e |
|
| Details | md5 | 1 | 0828145ada2defb307def6e1f9356287 |
|
| Details | md5 | 1 | 5477db85d8176f46b0e7f060580ef1f6 |
|
| Details | md5 | 1 | 2435ef2414fcf616da97999a95ec4bd8 |
|
| Details | md5 | 1 | 91504e706d188fc160575ea92b8ad19a |
|
| Details | md5 | 1 | f442b7cc305e767cdd0209f15f599772 |
|
| Details | md5 | 1 | 1ebc277fc5893971a3c010fe7cbf644f |
|
| Details | md5 | 1 | 9294d30b0956e271830906085570a8e6 |
|
| Details | md5 | 1 | d75295174647eea8e6061225638a14ef |
|
| Details | md5 | 1 | cd2ee3b235441e43342ffd98239c783f |
|
| Details | md5 | 1 | fb3467549a8fd973801d69720903f7ee |
|
| Details | md5 | 1 | d21921f526ef162284d462da5d62f522 |
|
| Details | md5 | 1 | 39f077455dffa3ad053be3c4dbea73e6 |
|
| Details | md5 | 1 | 5e1e91045be6d9753df915956e934b2b |
|
| Details | md5 | 1 | b7d579e26b673c6866c448e6af708515 |
|
| Details | md5 | 1 | 4dbccc69cb09bbefee39e60f996d1949 |
|
| Details | md5 | 1 | 2a6ba8d9ee0625eb58aa3a1eb2cfcaaf |
|
| Details | md5 | 1 | 906726ddf0e61919d51be2e46c57f384 |
|
| Details | md5 | 1 | 6dd9a17f77d8693293ccdbe32b14fe86 |
|
| Details | md5 | 1 | 72069e37855040d1ea1358ea5789f5eb |
|
| Details | md5 | 1 | 17081f5bd50d12d0fa90deef817b193f |
|
| Details | md5 | 1 | 7db09ab396b86c52827a991e0cc030d1 |
|
| Details | md5 | 1 | 0a060b59661a27c6447d6558ceaa551d |
|
| Details | md5 | 1 | 01e8166ca7d902c56f21aea8149548f1 |
|
| Details | md5 | 1 | 9dafe89d743bd52a5c2573fa3f39d58b |
|
| Details | md5 | 1 | d0a3e7054f2ff856ee598e9d7a1104d9 |
|
| Details | md5 | 1 | de381cb11556f388e5326ff8cd3a4002 |
|
| Details | md5 | 1 | de25323b34a022cd2b54ee8f71f13d86 |
|
| Details | md5 | 1 | 83284925ebdb49738959baae44f16c56 |
|
| Details | md5 | 1 | 16fe25f1808ec61c7e7e96dec85ac5de |
|
| Details | md5 | 1 | 86c954089ee9f19bd312d32911164a0a |
|
| Details | md5 | 1 | 5e971927102afd6a181112b4e957ee20 |
|
| Details | md5 | 1 | b121e0ca9a011f3187434f405e940368 |
|
| Details | md5 | 1 | 6f169e0204c4c55a54bc3afd72210f25 |
|
| Details | md5 | 1 | 27e3ee8c3aa802cbce80d6508e45da80 |
|
| Details | md5 | 1 | 039f2c3fabb6110a1c3fce600c798321 |
|
| Details | md5 | 1 | fec5ca2f222b61345e3f3c7f6f375cbd |
|
| Details | IPv4 | 1 | 106.54.204.119 |
|
| Details | IPv4 | 2 | 154.12.93.14 |
|
| Details | IPv4 | 1 | 192.197.113.223 |
|
| Details | IPv4 | 1 | 194.26.192.154 |
|
| Details | IPv4 | 1 | 123.99.200.147 |
|
| Details | IPv4 | 1 | 111.230.96.32 |
|
| Details | IPv4 | 1 | 103.30.78.218 |
|
| Details | IPv4 | 1 | 94.156.65.121 |
|
| Details | IPv4 | 1 | 111.6.42.7 |
|
| Details | IPv4 | 1 | 157.20.182.102 |
|
| Details | IPv4 | 1 | 94.156.66.48 |
|
| Details | IPv4 | 1 | 123.56.8.218 |
|
| Details | IPv4 | 1 | 91.92.246.67 |
|
| Details | IPv4 | 1 | 156.238.227.48 |
|
| Details | IPv4 | 1 | 49.247.174.37 |
|
| Details | IPv4 | 1 | 47.242.231.229 |
|
| Details | IPv4 | 1 | 37.120.141.144 |
|
| Details | IPv4 | 1 | 47.242.70.176 |
|
| Details | IPv4 | 1 | 45.92.1.7 |
|
| Details | IPv4 | 1 | 8.217.140.110 |
|
| Details | Url | 1 | https://github.com/qwqdanchun/dcrat),该远控木马基于.net编写 |
|
| Details | Url | 4 | https://github.com/nyan-x-cat/asyncrat-c-sharp |