
360 Threat Intelligence Center
@360CoreSec
#APT #Konni. MD5: cfa9474e43df286726351a098e4d1862. C&C: http://footballs[.]sportsontheweb[.]net
#APT #Gamaredon. MD5: 6d956049dbaadc19543a565d303e26a5. C&C: http://classroom[.]dangeti[.]ru/IRINA/interdependent/intercourse/intercourse[.]dot
#APT-C-35 #Donot. MD5: 46899620da3c24566258eda6202251b5. C&C: http://wee365[.]com/craken/authenticate/check.php
#APT. The lure document #FerociousKitten Group used: MD5: 3e38999a11cda8c9290dbe02b0e4634a. C&C: microsoft.microcaft[.]xyz
The samples were from South Asia. The attacker tricked victims with political hotspots on a phony website with fanatical slogans in Indian, and conducted RAT #attack. MD5: fbeb1867cee05818199f91ccb99bc32e, 37255857bd1fc48c7fcc2a3fa8af86a5, c820f9d2ec9ea0d0c74a11d48a74b311
It's suspected to be an #attack targeting IN. MD5: 953bb2b7296ffc9ee915c90adaf6a716, d061dab09ce1480d9317b79bf0a15a71, 908F0BF164379FFF5A0A99B73FE64CA7; 45.147.228[.]195
It's suspected to be an #attack targeting South America. MD5: 2e1b90807d12eb20c5d7bc495fca543a, 8a4e17f2a30047f307ea3c956e04d4ac, deae11179f4c80cf07c96280548fb843
#APT-C-41 #StrongPity. Sample of downloaders. MD5: E324079702DAC313A849749217EAB6BC. C&C: singlefunctionapp[.]com, 195[.]123[.]246[.]38
#Evilnum. MD5: 984a7a5f67eddd64dfd538797018feb2. FileName: SelfiePassport2505.jpg.lnk. C2: http[:]//apintoative[.]com/get.php
#TransparentTribe #Netwire #Backdoor. MD5: 3C3AD5B94E69953D141CDB7C1BC65747. C&C: 66.154.103.106:13374
#Netwire RAT suspected to be dropped by #APT-C-56 #TransparentTribe. MD5: c2a38018cf336685e3c760c614bbf4c3, f0b43a3f4821a4cf4b514144b496e4d7
#Kimsuky. Script. MD5: a7e25f83a24ac1c73acb587457e325e7. http://outwd[.]myartsonline[.]com/yu/ls[.]down
#APT #Kimsuky. Template injection file: BIOStyle.dotm. MD5: 863fd86868014b5cc008764816c422c5. URL: http://vnskwl[.]mypressonline[.]com/relationship/BIOStyle[.]dotm, http://outwd[.]myartsonline[.]com/yu/ls[.]txt
#OperationMermaid #APT-C-07. MD5: 5070200184B2A7B0373008B85EDED359 filename:d697, 14BCE6FA7E68F2D886D221E3EFFEFB0F filename:d962.exe
#APT-C-56 #TransparentTribe #Downloader. MD5: b0be45e54ac96dd70887f836bd43a5ed. URL: https://www[.]bsnlplots[.]com/css/css/chk[.]php