Government-backed actors exploiting WinRAR vulnerability
Tags
Common Information
Type | Value |
---|---|
UUID | fc35033d-8a05-4970-8ec5-4646ecf7daf7 |
Fingerprint | ae8b01f7a325518c |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Oct. 18, 2023, midnight |
Added to db | Aug. 31, 2024, 12:52 a.m. |
Last updated | Nov. 17, 2024, 6:54 p.m. |
Headline | Government-backed actors exploiting WinRAR vulnerability |
Title | Government-backed actors exploiting WinRAR vulnerability |
Detected Hints/Tags/Attributes | 72/3/22 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 35 | ✔ | Threat Analysis Group (TAG) | https://blog.google/threat-analysis-group/rss/ | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 133 | cve-2023-38831 |
Details | CVE | 3 | cve-2023-3883 |
Details | Domain | 9 | fex.net |
Details | Domain | 50 | webhook.site |
Details | Domain | 12 | filetransfer.io |
Details | File | 3 | poc.png |
Details | File | 2 | навчальна-програма-оператори.zip |
Details | File | 2 | навчальна-програма-оператори.pdf |
Details | File | 2 | _.bat |
Details | File | 4 | ioc_09_11.rar |
Details | File | 14 | imagingdevices.exe |
Details | File | 3 | sti.dll |
Details | sha256 | 3 | 072afea7cae714b44c24c16308da0ef0e5aab36b7a601b310d12f8b925f359e7 |
Details | sha256 | 3 | 91dec1160f3185cec4cb70fee0037ce3a62497e830330e9ddc2898f45682f63a |
Details | sha256 | 2 | 77cf5efde721c1ff598eeae5cb3d81015d45a74d9ed885ba48330f37673bc799 |
Details | IPv4 | 4 | 216.66.35.145 |
Details | Threat Actor Identifier - APT | 783 | APT28 |
Details | Threat Actor Identifier - APT | 143 | APT40 |
Details | Url | 3 | http://webhook.site/e2831741-d8c8-4971-9464-e52d34f9d611 |
Details | Url | 2 | https://fex.net/s/bttyrz4 |
Details | Url | 2 | https://fex.net/s/59znp5b |
Details | Url | 2 | https://filetransfer.io/data-package/dvagojxl/download |