CNACOM Open Source Exploitation via Strategic Web Compromise
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Virtual Private Server - T1583.003 Virtual Private Server - T1584.003
Show in Graph
Common Information
Type Value
UUID fb9fd92c-ed76-4904-8b17-30f9d45af851
Fingerprint fc15bc820aa882cd
Analysis status DONE
Considered CTI value 2
Text language
Published Dec. 1, 2016, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Oct. 16, 2024, 12:40 a.m.
Headline CNACOM - Open Source Exploitation via Strategic Web Compromise
Title CNACOM Open Source Exploitation via Strategic Web Compromise
Detected Hints/Tags/Attributes 44/2/8
Source URLs
Redirection Url
Details Source https://www.zscaler.com/blogs/research/cnacom-open-source-exploitation-strategic-web-compromise
URL Provider
Details Provider Source level domain
Details zscaler.com www.zscaler.com
Attributes
Details Type #Events CTI Value
Details CVE 77 
cve-2016-0189
Details CVE 1 
cve-2015-0116
Details CVE 24 
cve-2015-5122
Details File 1 
cnacom.exe
Details md5 1 
ACFA9C664016BFE5DB92557E923744F0
Details IPv4 1 
74.200.214.226
Details Threat Actor Identifier - APT 18 
APT12
Details Windows Registry Key 1 
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Messenger