Event ID | 1459 |
UUID | 3ada8ae4-a7bd-4732-ad66-0ff8fc0f80f5 |
Creator org | CUDESO |
Owner org | LUNCHBOX |
Creator user | [email protected] |
Protected Event (experimental) | Event is in unprotected mode. |
Tags | tlp:white |
Date | 2021-02-01 |
Threat Level | Low |
Analysis | Completed |
Distribution | All communities |
Published | Yes 2022-08-17 17:20:34 |
#Attributes | 31 (0 Objects) |
First recorded change | 2021-02-01 16:57:25 |
Last change | 2021-02-01 17:02:22 |
Sightings | 0 (0) – restricted to own organisation only. |
1459: “Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers
Galaxies
Threat Actor
- Volatile Cedar
Attack Pattern
- File and Directory Discovery – T1083
- Web Shell – T1505.003
- Data from Local System – T1005
- Fallback Channels – T1008
- Exploit Public-Facing Application – T1190
- Confluence – T1213.001
- Acquire OSINT data sets and information – T1247
- Determine 3rd party infrastructure services – T1260
- Remote access tool development – T1351
Date | Category | Type | Value | Comment | Distribution | Sightings |
---|---|---|---|---|---|---|
2021-02-01 | External analysis | link | https://www.clearskysec.com/wp-content/uploads/2021/01/Lebanese-Cedar-APT.pdf | | Inherit | (0/0/0) |