Operation Sky Hunt (猎天行动): Disclosure of the Latest Attack Activity of the CNC (APT-C-48) Group
Tags
Common Information
Type Value
UUID f3cd66e8-ccd5-4b26-be4d-ea294c0c5b21
Fingerprint a3340805593021c7
Analysis status DONE
Considered CTI value 2
Text language
Published Feb. 21, 2022, midnight
Added to db Sept. 11, 2022, 12:46 p.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline Operation Sky Hunt (猎天行动): Disclosure of the Latest Attack Activity of the CNC (APT-C-48) Group
Title Operation Sky Hunt (猎天行动): Disclosure of the Latest Attack Activity of the CNC (APT-C-48) Group
Detected Hints/Tags/Attributes 6/0/59
Attributes