PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
Tags
country: Russia
maec-delivery-vectors: Watering Hole
attack-pattern: Data Hidden Window - T1564.003 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Tool - T1588.002 Vulnerabilities - T1588.006 Connection Proxy - T1090 Hidden Window - T1143
Show in Graph
Common Information
Type Value
UUID fdbb469e-681d-46f1-a07b-2944a3255478
Fingerprint 279c181b8bbfdd43
Analysis status DONE
Considered CTI value 2
Text language
Published April 30, 2021, midnight
Added to db Sept. 11, 2022, 12:41 p.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
Title PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
Detected Hints/Tags/Attributes 76/3/6
Source URLs
Redirection Url
Details Source https://www.cybereason.com/blog/portdoor-new-chinese-apt-backdoor-attack-targets-russian-defense-sector
Details Source https://www.cybereason.com/blog/research/portdoor-new-chinese-apt-backdoor-attack-targets-russian-defense-sector
URL Provider
Details Provider Source level domain
Details cybereason.com www.cybereason.com
Attributes
Details Type #Events CTI Value
Details CVE 375 
cve-2017-11882
Details CVE 58 
cve-2018-0798
Details CVE 117 
cve-2018-0802
Details File 1 
58097616.tmp
Details File 1260 
explorer.exe
Details IPv4 3 
45.63.27.162