Cyber Espionage - APT32 and the Threat to Global Corporations
Cyber espionage actors, now designated by FireEye as APT32 (OceanLotus Group), are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. FireEye assesses that APT32 leverages a unique suite of fully-featured malware, in conjunction with commercially-available tools, to conduct targeted operations that are aligned with Vietnamese state interests.
1. List of C&C server IP addresses
2. List of malware domains
3. MD5 hashes