Не только стилер: бэкдор Gopuram распространялся посредством атаки на цепочку поставок 3CX
Tags
| attack-pattern: | Timestomp - T1070.006 Timestomp - T1099 |
Common Information
| Type | Value |
|---|---|
| UUID | f543a7c1-720c-4828-858c-a419944e53eb |
| Fingerprint | 92be5dab0266406b |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | April 6, 2023, 5 p.m. |
| Added to db | May 25, 2023, 4:34 a.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | Не только стилер: бэкдор Gopuram распространялся посредством атаки на цепочку поставок 3CX |
| Title | Не только стилер: бэкдор Gopuram распространялся посредством атаки на цепочку поставок 3CX |
| Detected Hints/Tags/Attributes | 11/1/21 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 224 | ✔ | Securelist | https://securelist.ru/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 8 | wirexpro.com |
|
| Details | Domain | 6 | oilycargo.com |
|
| Details | Domain | 338 | kaspersky.com |
|
| Details | 147 | intelreports@kaspersky.com |
||
| Details | File | 7 | guard64.dll |
|
| Details | File | 50 | d3dcompiler_47.dll |
|
| Details | File | 38 | 3cxdesktopapp.exe |
|
| Details | File | 7 | c:\windows\system32\wlbsctrl.dll |
|
| Details | File | 7 | 0.reg |
|
| Details | File | 28 | wlbsctrl.dll |
|
| Details | File | 7 | ualapi.dll |
|
| Details | File | 9 | ncobjapi.dll |
|
| Details | File | 131 | spoolsv.exe |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 2 | chk.log |
|
| Details | File | 3 | avbugreport.exe |
|
| Details | md5 | 2 | 9f85a07d4b4abff82ca18d990f062a84 |
|
| Details | md5 | 2 | F684E10FF1FFCDD32C62E73A11382896 |
|
| Details | md5 | 2 | 933508a9832da1150fcfdbc1ca9bc84c |
|
| Details | md5 | 2 | ec3f99dd7d9dbce8d704d407b086e84f |
|
| Details | md5 | 2 | 96d3bbf4d2cf6bc452b53c67b3f2516a |