ioc[.]one - OSINT Cyber Threat Intelligence Database

nao-sec.org

Tags

country:	Malaysia China Japan Mongolia Vietnam Ukraine United States Of America U.S. Virgin Islands
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006

Show in Graph

Common Information

Type	Value
UUID	f526b072-1947-4cd0-be66-adfad071b49f
Fingerprint	b1398a18241d0897
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 4, 2021, 3 p.m.
Added to db	Sept. 11, 2022, 12:46 p.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	nao_sec
Title	nao-sec.org
Detected Hints/Tags/Attributes	87/3/43

Source URLs

	Redirection	Url
Details	Source	https://nao-sec.org/2021/01/royal-road-redive.html

URL Provider

Details	Provider	Source level domain
Details	nao-sec.org	nao-sec.org

Attributes

Details	Type	#Events	Value
Details	CVE	375	cve-2017-11882
Details	CVE	58	cve-2018-0798
Details	CVE	117	cve-2018-0802
Details	Domain	21	nao-sec.org
Details	Domain	4127	github.com
Details	Domain	17	vblocalhost.com
Details	Domain	20	insight-jp.nttsecurity.com
Details	Domain	141	research.checkpoint.com
Details	Domain	42	tencent.com
Details	Domain	53	blogs.blackberry.com
Details	Domain	224	unit42.paloaltonetworks.com
Details	File	2	jsac2020_ioc.html
Details	File	5	an-overhead-view-of-the-royal-road.html
Details	File	1	vb2020-ozawa-etal.pdf
Details	File	3	836.html
Details	File	2	895.html
Details	Github username	5	nao-sec
Details	Mandiant Temporary Group Assumption	4	TEMP.TICK
Details	Mandiant Temporary Group Assumption	3	TEMP.CONIMES
Details	Mandiant Temporary Group Assumption	44	TEMP.PERISCOPE
Details	Mandiant Temporary Group Assumption	8	TEMP.TRIDENT
Details	Threat Actor Identifier - APT	143	APT40
Details	Threat Actor Identifier - APT	278	APT10
Details	Url	4	https://github.com/nao-sec/rr_decoder
Details	Url	2	https://github.com/nao-sec/yara_rules
Details	Url	2	https://nao-sec.org/jsac2020_ioc.html
Details	Url	4	https://nao-sec.org/2020/01/an-overhead-view-of-the-royal-road.html
Details	Url	1	https://vblocalhost.com/uploads/vb2020-ozawa-etal.pdf
Details	Url	1	https://insight-jp.nttsecurity.com/post/102gi9b/pandas-new-arsenal-part-1-tmanger
Details	Url	1	https://insight-jp.nttsecurity.com/post/102gkfp/pandas-new-arsenal-part-2-albaniiutas
Details	Url	1	https://insight-jp.nttsecurity.com/post/102glv5/pandas-new-arsenal-part-3-smanager
Details	Url	1	https://research.checkpoint.com/2020/naikon-apt-cyber-espionage-reloaded
Details	Url	3	https://s.tencent.com/research/report/836.html
Details	Url	2	https://s.tencent.com/research/report/895.html
Details	Url	1	https://www.ptsecurity.com/ru-ru/research/pt-esc-threat-intelligence/covid-19-i-novogodnie-pozdravleniya-issleduem-instrumenty-gruppirovki-higaisa
Details	Url	1	https://www.nttsecurity.com/docs/librariesprovider3/default-document-library/craftypanda-analysis-report
Details	Url	1	https://blogs.blackberry.com/en/2016/04/the-ghost-dragon
Details	Url	1	https://unit42.paloaltonetworks.com/pkplug_chinese_cyber_espionage_group_attacking_asia
Details	Url	2	https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign
Details	Url	1	https://labs.bitdefender.com/2020/11/a-detailed-timeline-of-a-chinese-apt-espionage-attack-targeting-south-eastern-asian-government-institutions
Details	Url	1	https://www.proofpoint.com/us/threat-insight/post/lookback-malware-targets-united-states-utilities-sector-phishing-attacks
Details	Url	2	https://www.proofpoint.com/us/threat-insight/post/lookback-forges-ahead-continued-targeting-united-states-utilities-sector-reveals
Details	Url	1	https://www.proofpoint.com/us/blog/threat-insight/ta410-group-behind-lookback-attacks-against-us-utilities-sector-returns-new