Turla APT Targets Albania With Backdooor in Ongoing Campaign to Breach European Organizations
Tags
country: Albania Poland Russia Ukraine
attack-pattern: Data Ip Addresses - T1590.005 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID f216cb0f-634a-4f98-a417-6c3a497e55fa
Fingerprint e45dcdd39236934d
Analysis status DONE
Considered CTI value 1
Text language
Published April 15, 2024, midnight
Added to db Aug. 31, 2024, 12:35 a.m.
Last updated Nov. 17, 2024, 5:57 p.m.
Headline Turla APT Targets Albania With Backdooor in Ongoing Campaign to Breach European Organizations
Title Turla APT Targets Albania With Backdooor in Ongoing Campaign to Breach European Organizations
Detected Hints/Tags/Attributes 37/2/10
Source URLs
Redirection Url
Details Source https://blog.eclecticiq.com/turla-apt-targets-albania-with-backdooor-in-ongoing-campaign-to-breach-european-organizations
URL Provider
Details Provider Source level domain
Details eclecticiq.com blog.eclecticiq.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 32 EclecticIQ Blog https://blog.eclecticiq.com/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 18 
cti.eclecticiq.com
Details Domain 49 
eclecticiq.com
Details Domain 261 
blog.talosintelligence.com
Details Email 47 
research@eclecticiq.com
Details File 1 
firewall_bllok_ip.txt
Details sha256 1 
7aa5a936a67cf367c0f1e0a22f3290ae57d8af01679daa811bb975c2978ca8a3
Details IPv4 3 
91.193.18.120
Details Url 13 
https://cti.eclecticiq.com/taxii/discovery.
Details Url 1 
https://blog.talosintelligence.com/tinyturla-next-generation
Details Url 4 
https://blog.talosintelligence.com/tinyturla-full-kill-chain